Report - sweepstakessurvey.org/sweep.html

Report Overview

Submitted URL
sweepstakessurvey.org/sweep.html
IP
104.26.15.215
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-25 13:49:58
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sweepstakessurvey.org	359798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	204 kB	104.26.14.215
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	489 B	139.45.195.253
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	41 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.201.177
cdntechone.com	64371	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	7.2 kB	172.67.149.153
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	750 B	139.45.195.8
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.4 kB	104.18.21.226
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	80 kB	93.158.134.119
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	sweepstakessurvey.org/sweep.html	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/_global-config-sd.82962a7b.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/survey.12.47477b7e.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-xhr.js.13124150.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/config/comments/en-sweep.json	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/v-utils.js.f7e0c462.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/sweep.html	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/rtc.5ee66b70.js	Phishing
2022-11-25	medium	sweepstakessurvey.org/js/sweep.380e3b87.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	datatechonert.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	sweepstakessurvey.org/js/rtc.5ee66b70.js	11 kB	2023-03-08	2023-03-12
Pretty URL sweepstakessurvey.org/js/rtc.5ee66b70.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 21:16:07 Times Seen1 Hash 38f629c75b69a6d96eed768b9e38d7bd 00e96ebe297fe4eb7829bd5d260a515b58107671 58d3dfb386be8f3387c6eaf42bee668c4ea8d30aba5f2f8fe73d4e1c044658e4 Loading...

	sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js	10 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 22:21:24 Times Seen1 Hash f442c7da93c27dd35de1e9a25f337e36 4d5a287bceea8d9ef9600a41771522faa31a2049 089537a06e44eda4732f6392c11c45a1f8dfdc76584a6ca29497ea180f2385cb Loading...

	sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js	129 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:41:12 Last Seen2023-03-11 22:59:25 Times Seen1 Hash e4cacb53c063c81c647b9d9618eaf8db ea1b03d83ebb90417275102d62e15d41cbc7f292 e631f8cc4ffc369edcb8ec4389877aa4c38c959e948177a2863f16e0f9fc8f06 Loading...

	sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js	3.0 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash 528fb449a1a1c7f74e015ed6a5401b8e e14c04645ff3760f5ea255fe94b6a9c481891ff2 9af06a87ba64ef59c1c765a2d5828a39d1c9575971f23fda139b2e646e1dbaff Loading...

	sweepstakessurvey.org/sweep.html	1.2 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/sweep.html IP 104.26.14.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash 38ad9bf65ac82ca66705c9d93aa239e8 d8eda12bbed1f805a3624d9ecde200d0d8708bb3 25a10ce96973961d6e5e3580e8fc9e981c60ec4df35bbb0b4dab295cea59012a Loading...

	sweepstakessurvey.org/js/_global-config-sd.82962a7b.js	365 B	2023-03-08	2023-03-11
Pretty URL sweepstakessurvey.org/js/_global-config-sd.82962a7b.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-11 23:51:42 Times Seen1 Hash afe14b24ef2d99172e4e37d4c3185444 4b289b317d75b93ba666b5fe55ae08110f6e7f21 2b61fb3f4b27ac1ae170b37397cb88c6eaf2ac7849b943960c54762a30a049cc Loading...

	sweepstakessurvey.org/sweep.html	1.7 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/sweep.html IP 104.26.14.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:41:12 Last Seen2023-03-11 23:32:19 Times Seen1 Hash 4a9a3b78e00ea0807d710b5749526d68 02bf956306ff281dd00400af3dadafc63b658791 cec0377e555ae3eeb46cb2217dd76da552adb73777fa05c04dd4d97f6deb0df5 Loading...

	sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js	36 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash 7082ff5e1454fc7f86420ff2d4d4890d 98da48b7114e4afcb1c0d5fcf8e9175b6cafe4cd 0cab0448a051d4e5f2d424bce1ee8a5fcdaa32f588edd803cfa7b196b72b8707 Loading...

	cdntechone.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL cdntechone.com/stattag.js IP 172.67.149.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:01 Last Seen2023-03-12 10:47:00 Times Seen1 Hash 06f6499fd0fa0ed3ab7e4e5220824cf4 7d46143675b281760790105a32018a6ebd62884d 2b9e2b7f5c251c5b5490e5e8adbda9acdf687b74eb8d5a8d8f2ee1a0104bae3f Loading...

	sweepstakessurvey.org/js/survey.12.47477b7e.js	191 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/survey.12.47477b7e.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:07:14 Last Seen2023-03-11 20:39:09 Times Seen1 Hash 25043ff232e776e7a7c4b2a29d2bc863 bf4533b821d34fbf1e150ae1581256a3d33a700b 5bba6af55d55cdd0ee779bc37ed3f400ff6e6b8b1b352245c80fc4aac3150de0 Loading...

	sweepstakessurvey.org/js/sweep.380e3b87.js	211 B	2023-03-08	2023-03-11
Pretty URL sweepstakessurvey.org/js/sweep.380e3b87.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:31 Last Seen2023-03-11 23:45:50 Times Seen1 Hash ed6f24fa63dfe51eda75e71e4fac55ca ca63c6d443d2dbda1003d21b1bc9bbbd79854a3c 186afcfb978537b375b6ea270736089a7a33a36090269056a6c4a92a8601f77f Loading...

	sweepstakessurvey.org/js/v-xhr.js.13124150.js	3.0 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-xhr.js.13124150.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash 866d17d389582b139363c916126cb442 ff75c4d9449b3339c3be1da18b4204c57efad456 bd50d5e827beb62b222165eb3213fb4528377933cce2eeb31cd3bbd20de5af15 Loading...

	sweepstakessurvey.org/js/config/data/sd-501.js?v=10	4.8 kB	2023-03-08	2023-04-26
Pretty URL sweepstakessurvey.org/js/config/data/sd-501.js?v=10 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:45 Last Seen2023-04-26 22:10:11 Times Seen53 Hash 6431aa83b841c664f8dea9137ce9eca5 569b235437700401a56a5da9a1f8bb95fe55270d 3f01b13c23edab870b39a5cf7294a65e43a7322dc75fac26d5f49e80b4896441 Loading...

	sweepstakessurvey.org/js/each-land-config.11fbe7f1.js	76 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/each-land-config.11fbe7f1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash ca7ba52ff62f59fb0bd16723fda7bd61 c3b7b3a4bb9b550da9bea5543a9249ac3e966a4a 98400f3f66e798e7f6e0afc829f18d9215b05f5c22b4a2fb53fcda6cb1b5b53b Loading...

	sweepstakessurvey.org/sweep.html	64 B	2023-03-07	2024-01-26
Pretty URL sweepstakessurvey.org/sweep.html IP 104.26.14.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:45 Last Seen2024-01-26 05:39:12 Times Seen4 Hash 2ccec2250167ac97d6b67640f4111470 decce1d07cebaa053b0811208f11a60a1f661910 d607b0aa0925b9c3d516a1facbc060571c15f029b27e4f0905f5f1dd54202f2d Loading...

	sweepstakessurvey.org/sweep.html	330 B	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/sweep.html IP 104.26.14.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:01:48 Last Seen2023-03-11 23:32:18 Times Seen1 Hash 4a9c32ff917c1facdb57dbc3aa40a341 793cf0e912de0e83d0f84bee6f0228f4aa58295c bd256e64393f8a5d8d85cb92c51e729c42aa2ab635e8043d6960e6f9f6c7ac7f Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 16:50:09 Times Seen36963214 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sweepstakessurvey.org/js/v-utils.js.f7e0c462.js	7.1 kB	2023-03-11	2023-03-11
Pretty URL sweepstakessurvey.org/js/v-utils.js.f7e0c462.js IP 104.26.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:47:23 Last Seen2023-03-11 21:52:08 Times Seen1 Hash ce342bc34f50b2faa7dc126126d3fed6 79c536d3f0063d7a0b336f739353afb770a7a5c9 ab71bd3512963fb639f7c0c5be0be3ade3ad9b780f78e1450be15b044abd669c Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (68)

URL IP Response Size

sweepstakessurvey.org/sweep.html

104.26.14.215

301 Moved Permanently

0 B

URL HTTP/1.1
sweepstakessurvey.org/sweep.html
IP
104.26.14.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 13:49:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 14:49:47 GMT
Location: https://sweepstakessurvey.org/sweep.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsmCzTCJKh1tMZzyfDCx8sHSks3pq52G21aJ79xgz1xO2%2BwUy%2FA%2B9Pub26r95uF06o%2FL5guszP5uNWQ1GnOn%2FhYZRqjo1fONvSuz7bSaROcsDhEW%2BzPkbunU0%2Fa3I0WxLtxzFl0vjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fad980be1ab4f1-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3905
Expires: Fri, 25 Nov 2022 14:54:52 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4043
Cache-Control: max-age=164930
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:47 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:38:37 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:19:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1840
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IqSEQmtM4xZSomVE8iNBwESKZqe90mdcRm30VpsV0vV8T9hgiELm2p6eP9bU5HEf3cLe3VnjgzM=
x-amz-request-id: HNV5HCD9SJHYE5GZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:40:49 GMT
age: 538
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
3924bd313c9f3874f47d80a6f0ef255f
df7ba4ec8f8bb115170fd305d4c74ce8645767b8
0af55cfffbac9a8106b58489051d8ac6df3ae4d7206435a9cd7f8b3dc709c1ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170574
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:47 GMT
Etag: "6380bf49-116"
Expires: Sun, 27 Nov 2022 13:12:41 GMT
Last-Modified: Fri, 25 Nov 2022 13:12:41 GMT
Server: nginx
Content-Length: 278

sweepstakessurvey.org/js/_global-config-sd.82962a7b.js

104.26.15.215

200 OK

599 B

URL HTTP/2
sweepstakessurvey.org/js/_global-config-sd.82962a7b.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (365), with no line terminators
Size
599 B (599 bytes)
Hash
96e3f0a2c91493ec4d73b710df15b8dc
a5cb9fd281282904dfb4ff9dfbdcd91053a4a63e
2bb7dd771d26a40b450ffe7041e7fd0cdb7103bfeef23718c2ab6f032f95e6db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/_global-config-sd.82962a7b.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-16d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpdIfI4iy4U%2FiMqQFIowj%2FyZppKEdOj5o9CRj1VCOmG3oOIZlnR%2FB1J%2BV%2FrtNeh3G8nPHbc2q0xYShB1EMhXFRew3ibCXbgmzXibg7%2Fz0ky5mw2rG4XAePg7vE%2FXFEBiQOfl6CyuVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa43b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2841
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5305
Cache-Control: max-age=161128
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:48 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:35:16 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
43c41a27cfb94f91b82c53f813f82375
4a31b64743d1ecbbc21b4dd972710ed8be5b523e
cea985973cff7103745b7b76ae33a2016860a0e833ea33a9159788fd765fdd6d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEA985973CFF7103745B7B76AE33A2016860A0E833EA33A9159788FD765FDD6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8753
Expires: Fri, 25 Nov 2022 16:15:41 GMT
Date: Fri, 25 Nov 2022 13:49:48 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
43c41a27cfb94f91b82c53f813f82375
4a31b64743d1ecbbc21b4dd972710ed8be5b523e
cea985973cff7103745b7b76ae33a2016860a0e833ea33a9159788fd765fdd6d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEA985973CFF7103745B7B76AE33A2016860A0E833EA33A9159788FD765FDD6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8753
Expires: Fri, 25 Nov 2022 16:15:41 GMT
Date: Fri, 25 Nov 2022 13:49:48 GMT
Connection: keep-alive

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
6118ed2ad2331496f068a7cc2d5d8e13
6cd8cc1cb9c6465e1858dbf9fd7faf975db99a93
58940a980bb718b4abbb21453128e6044ff0a868faeebf89cbd1994d83143d76

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89a7c6b527724d1e97d7ace83e1faa00; expires=Sat, 25 Nov 2023 13:49:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.41.201.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.201.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3f6jIoJ/GIU+mA2PWeEzQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HkQwWxVarGZDtKskSHTHj7PqPRA=

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
96b2d91c871c0a9a1ef7363a41c7226d
71da353479ff6e9e9a6a77478cab13e62af97d60
edd802cb6bcea980528286315b33f0102f0efb8ab8b9d6d2b3e0db3ee28f6a8c

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 29 Nov 2022 10:53:46 GMT
ETag: "71da353479ff6e9e9a6a77478cab13e62af97d60"
Last-Modified: Fri, 25 Nov 2022 10:53:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3243
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fad9892c24b500-OSL

sweepstakessurvey.org/img/comments/person-sweep-5.jpg

104.26.15.215

200 OK

3.3 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-5.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Size
3.3 kB (3268 bytes)
Hash
92c40a962aa579868b64b8b7f1b6575c
f676f1ce463a7b0b7b2c05587a9b52285e55e679
64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414

HTTP Headers

GET /img/comments/person-sweep-5.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3268
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-cc4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c6g%2FVxktx6F0dps3tLerg08ZF1k5e7YFvnmDdRDT5Itm058AmhNj0BmHq52L6no9WlynoQLrtIO1mfYycwUcuGpvFBhqDao0XOVcpVJSOPCnKxbbmcgDj6uofVIsh%2FspzphDq0w3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b2b509-OSL
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

93.158.134.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size
73 kB (73267 bytes)
Hash
1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73267
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Fri, 25 Nov 2022 14:49:48 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-10.jpg

104.26.15.215

200 OK

11 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-10.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:33:44], baseline, precision 8, 50x50, components 3\012- data
Size
11 kB (10828 bytes)
Hash
2f7d5d907d9e6d0250afbdbeb7f3cb0c
136703751a36b76b1fe599930ec855f90fde9f23
271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1

HTTP Headers

GET /img/comments/person-sweep-10.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10828
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2a4c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAg8WlLc%2B3Gie530ELAVYKRXXt327l0QOT51IxCfSYvkKYu7ZLPQsX49be0yvi6sXNdfZEbb3%2BobN57uyyHzqO%2F8okdW1MRCaiilamLEkMNkSV%2BleroC9GVWzkT5OS9LUd4Ve7Sv8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c4b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-16.jpg

104.26.15.215

200 OK

1.2 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-16.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1208 bytes)
Hash
9574e9e3f629fc4cc0f470f678a232ca
89412a05077b4eaa423f7790bd5fb4ee3efc84eb
15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d

HTTP Headers

GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1208
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-4b8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A2XTTJA3xBca49D2RaPuuzxFINq5K9lLWCoTwj0Vcf0qLWFIbXh%2BENDFBle%2FLPfksZ96dh%2FOJV3B4hCW8h8eA55F9SP%2BKl9LloD%2FGw5j2givKUZvwuvSRDAZgoLZKKlQGge%2FEXTdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad989a8d8b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-15.jpg

104.26.15.215

200 OK

1.1 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-15.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1067 bytes)
Hash
ca57a3f68e171ebeb7798679d5fb79ca
688e6a4ffeeae81c9e970e03081de1fe26afac9a
f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a

HTTP Headers

GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1067
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-42b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co0%2FKlMRTJGr27V40ok8nF8EWRpgUOLyKZDoZ7GGR8lru%2BLMPz4nQUN%2BnK9c08ILbjPEfmOHE9OhlGbPiY3EXjy4suuvmySSeX7FPVpOCl5Trg4bIKaYf93L8Z%2Fy4OE6re8QVtt8Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad989a8d7b509-OSL
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

172.67.149.153

200 OK

6.4 kB

URL HTTP/2
cdntechone.com/stattag.js
IP
172.67.149.153:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12932), with no line terminators
Size
6.4 kB (6362 bytes)
Hash
f0c7e9e853d79fd30c244783dd0899ae
1f23ae0a753f7621395ae9500a3599bc748ee40f
5e327d6619dceb6adecd85f66f9e80fcd110639fecb7441d6222e074e37710c5

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh5a4qyGW5ejkuYoy3DoT6GUJOsaixsXo8lHPPQDpIczLQlooytjEEguCR9gADpeWHVv1j2x%2BFafoWq5pfRSWMO759lAAy0rniEo26%2BnmljaEuTQw8p8HvPplYshD%2FTUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fad9882a43b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-9.jpg

104.26.15.215

200 OK

12 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-9.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:23], baseline, precision 8, 50x50, components 3\012- data
Size
12 kB (11871 bytes)
Hash
f950070b2582c8f9202b5d084e91905f
7154a29bb2ecd778435943cf02c88fb9b0a86183
ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e

HTTP Headers

GET /img/comments/person-sweep-9.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 11871
cf-bgj: h2pri
etag: "63809bf7-2e5f"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZEVot9TjagTStD%2FkHaCWzQCFrcjs210fmRjKLQM30vJ0%2BAkvIfCcPd097nebcSp9UGT2XM%2BcIS1Mc%2F1TtdfrFuLGUbVT%2BdiZkXvq10%2Fcif0Bme036xOVeCzZBpASHuiZXye5WB6mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c3b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-8.jpg

104.26.15.215

200 OK

1.2 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-8.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1182 bytes)
Hash
f60b9c2d018d7a29d014742ae8e36839
1b59e7eec38eb9f620256742f83ae7938ac0bb07
ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8

HTTP Headers

GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1182
cf-bgj: h2pri
etag: "63809bf7-49e"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohW8ehihu4WN3jNNVqU1oPTgHWaHriEJfKPeDr9etCxX6GSi0jAsSQQUjrre6s1IFSxaJTHgPAujb6zmoqFxARdVkA0%2F54CDMULLJBkULJij3nvYHdWdhPAFB1P2kq%2FdexAOzH6%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c0b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/css/survey.cc3533c8.css

104.26.15.215

200 OK

4.9 kB

URL HTTP/2
sweepstakessurvey.org/css/survey.cc3533c8.css
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19889)
Size
4.9 kB (4883 bytes)
Hash
6888c5128dd3f127b9ad45eb282b7b44
b159df47e11ee79fe21d4f6659582d4cc05e3ca8
376e8fc3aa5d5ec9c044588d8fbe5aa006548a2ca3513c14b17a475ececd9526

HTTP Headers

GET /css/survey.cc3533c8.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-4de1"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfpMBU0Ut%2F%2BUxWZitzZR2ncaX5%2BwyKHTY5Yd%2FwVyWcPp79DIStFqc14eKG%2BszpmmHCBzZZ8UwdoakwcVpt1PVPXHNLJygO8Z9DtDj2IU5CNQq0%2Fn9RrW2Ml7%2Bqo96VcBumpibS2meQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa53b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-11.jpg

104.26.15.215

200 OK

11 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-11.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:58], baseline, precision 8, 50x50, components 3\012- data
Size
11 kB (10636 bytes)
Hash
e33f2bea60761c8f1c4cf8648839692a
14a8b54006c419c85842d96a8a4aeb837f5a0a5e
9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951

HTTP Headers

GET /img/comments/person-sweep-11.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10636
cf-bgj: h2pri
etag: "63809bf7-298c"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3TYQx8SijXU7%2BnfwdoXyTiZlkoq%2BNkSqm2ylkJWrcWoDiJnRRM0FZIuX07g73nKIldP9OUvtGrhxBrablp9osEJSon1R9EXZk6Il45nD6f9omkAU0HbinrckA7Tz4%2Fh4XVCrwXnXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998cbb509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-13.jpg

104.26.15.215

200 OK

1.1 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-13.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1110 bytes)
Hash
85059de53011f0ef712a5f4b5dd13219
481385e3fe4b3ec1fd703de246796396a33777b1
7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58

HTTP Headers

GET /img/comments/person-sweep-13.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1110
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-456"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6U9bjZ%2B48PPaOOb1JrsLaZZkz8oGe40sdvZxi%2B5H5c%2BFjkuWjF3Qb7vTNqbnTdyzePQnIATZlDRIOhL6%2F92t01r%2BCFjsKBmF4ChCmCU0qoUasBT4rBcQdh0Gq0E%2ButG%2FJ4y7nTvoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998d0b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-12.jpg

104.26.15.215

200 OK

11 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-12.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data
Size
11 kB (11188 bytes)
Hash
85b4e587433a60e7d3e98b1ef93a71f8
c4c8600ce8a5be2640aacbac866bf8b1f8192f26
65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8

HTTP Headers

GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 11188
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2bb4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lh0y08Ood%2FUrRABw9PYlWs9%2BzJt%2FPj%2FVRhyfQXpDZ6mg7pPM97DiTVjYe55yq55kjn%2BuHjhvy8tyql%2Bs12Hijq8sI81%2FuFHjZ1DBttg2L37JMlxngBbB33QP2Cd6EtsuP20Ty9vjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998cdb509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/favicon.ico

104.26.15.215

200 OK

67 kB

URL HTTP/2
sweepstakessurvey.org/favicon.ico
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
67 kB (67312 bytes)
Hash
d7d8713cdbf21431e5fef26166f267e9
e9d0a993c95ea1ec8e1ad3342006f0f28a45fd02
167b5601e855748fb13dac5ad8980c916919614b0f58d3036a957528e8a1af5e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/x-icon
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-47e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX0UuSDm40sepqgb%2BG%2BbxTiAWKphhVCS1Pp%2Fe9gvwQIBWULg88Fca6X3c3iamHhK76Omq0k7A5HWtNPfkSmVdXg5cR%2FjFazM7Oc%2FQSNlml%2FXovvParTYrvcFvy8YtSmdI6GOrMl6Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad988af84b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-2.jpg

104.26.15.215

200 OK

1.0 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-2.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.0 kB (1042 bytes)
Hash
e489d022a40ba80f51fb5acc1addea46
41c334f49c248783037ceaf6fc335acff62f760c
c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567

HTTP Headers

GET /img/comments/person-sweep-2.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1042
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-412"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IFqIVTTikMOquD1ui%2FA0vRpgdiM9yLgE4jjjbQVV5wSAkJdbwBbulL9oc9KjQPz%2Bo77ao%2BPiaSiSvB4SweA4tOGmbk0lN9VXDveO55u9cisF%2FRdcOEks1ugVdbjCPvmbkiL4zViPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988abb509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-3.jpg

104.26.15.215

200 OK

1.1 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-3.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1063 bytes)
Hash
72ab252d8ff828965ad984b8ab16991f
e45ea3665e80feb2e6309b04e1ec2e8d41bb279b
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291

HTTP Headers

GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1063
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-427"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgsY3e99ewhkkVnAoH1MdiMXE2unEiHg4asCYna%2B1eVYsqhhkW0YzkIHkaFru4u3WjKpdQVo0ySqDXCazthjJLu%2Bxd%2BI0SSKSk9Kn%2F2BZBRsl5ziCuGz3b0tA6pw1Q%2Bu%2BbIex5lo2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988aeb509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-4.jpg

104.26.15.215

200 OK

3.7 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-4.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Size
3.7 kB (3694 bytes)
Hash
02eebe83bc6786ef27b852477d4c4998
205314ba911137b6f6be4eefd946a2c62229e591
a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c

HTTP Headers

GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3694
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-e6e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOxrEvaTzJbB2m510oJhdKfrRQt%2FPom6nR646WOJ%2FnhlV2qkaFvlNIU%2F5aFChnbVMzYq0wMnBhHs6tHlqwjqB2Q7XjkolHaH1WVAHBdiAlVxQhGOxQrMqO6NDpprle04b10yI6Ko2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b0b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-1.jpg

104.26.15.215

200 OK

3.9 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-1.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data
Size
3.9 kB (3900 bytes)
Hash
72c067fe856886245e7c47c7ff84e041
5210cb05f897db334c61f8971ccec9a7396ea8a7
9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030

HTTP Headers

GET /img/comments/person-sweep-1.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3900
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-f3c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzWIyCjwKfE94jQXbxzv0lAtjsKJgDardMUNhf0JZD0oer7p7u8JONzEpQaFGPoJ3MAHjsnevTKSwDDMrxKwvgyhMZmqXS4234AhDz26MMYHQULl65rHjKQKAtx%2FMZsUSOzDsqVUYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988aab509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-6.jpg

104.26.15.215

200 OK

10 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-6.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3\012- data
Size
10 kB (10400 bytes)
Hash
eecc2c7e1efc1d69f01f47b677666cf2
c4e909b86e22612ca4c5e599c7fc7204573b1baa
92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6

HTTP Headers

GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10400
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-28a0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ImQ7u4QDA2PGtDXywln5Qm7n%2FpHNg%2FDtSahrvMQ4Jw%2Fk46ZiLNzsfZFASAvflX%2FxY9NGclJd7DlgVCSe7b%2BKf7J2JFXEvnMByiy6%2BZVqu0q5OYYqIEAXLtaXeDUi0%2FYQEOFXYDgSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b5b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/unnamed.jpg

104.26.15.215

200 OK

1.4 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/unnamed.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
1.4 kB (1378 bytes)
Hash
449aaf5a54e3fe3aa4f0f5875bede090
b2b897362626700277b7f8baca8b1f292d08b7e5
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

HTTP Headers

GET /img/comments/unnamed.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-562"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLVSZFSKn%2FNUg1x7v4ik5nhlYQkW235u7TTuuBpF%2B33nb5t07iHuMco3AKyZ7%2FRWngZlmvBU%2BFLazR3qeunmgRsbCkWmQ4XBkEFZcM4Rx%2BXKzgbVWQP3Z9zEpg9Q777hDtlOwxRjSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988a8b509-OSL
X-Firefox-Spdy: h2

sweepstakessurvey.org/img/comments/person-sweep-7.jpg

104.26.15.215

200 OK

11 kB

URL HTTP/2
sweepstakessurvey.org/img/comments/person-sweep-7.jpg
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:30:25], baseline, precision 8, 50x50, components 3\012- data
Size
11 kB (10884 bytes)
Hash
583a669aef17441f222db5be083f3750
f869d6bf98c43f0a0a935305096fe637df202687
5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b

HTTP Headers

GET /img/comments/person-sweep-7.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10884
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2a84"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8IPybtx0hZOOXwRhqTkQFnD4%2FCD0lz19sZDHaUqyXwZGyUOS5NogpkQukImiT%2F5evGI%2BS%2FUI96vrlHm2lTFxHHoXJJA3f95zuyzc63HWuuNQkvBeHsWxusuE8%2B6um2BFoh1Iujudg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998bdb509-OSL
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

139.45.195.253

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 13:49:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sweepstakessurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

mc.yandex.ru/metrika/advert.gif

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Fri, 25 Nov 2022 14:49:48 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

302 Found

400 B

URL HTTP/2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
8923fc07a56f4c1a39a3af383bbccf75
dcf784822d836d9063d8e94d1ca36c850a8c9a0e
d6465c1e93d8e6f292ed546d0b921a6e0385fa47867633e795402a33d6d3b40e

HTTP Headers

GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
set-cookie: yandexuid=670967471669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=670967471669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=560404251669384188; Path=/; SameSite=None; Secure
i=0tSDSpDfM8zCGoUCv5+iDrcgO5vv3yuCdD03WVV408yQxgMqiSFQgYWvfH92Kek1aZPxnyAuz8Ra+yQeNiKYSpoelks=; Expires=Mon, 22-Nov-2032 13:49:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700920188.yc.1669384188#1700920188.yrts.1669384188#1700920188.yrtsi.1669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

sweepstakessurvey.org/sweep.html?utm_content=zd_public_v2

104.26.15.215

200 OK

2.6 kB

URL HTTP/2
sweepstakessurvey.org/sweep.html?utm_content=zd_public_v2
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
2.6 kB (2641 bytes)
Hash
78338dcdf2567769a0d0f0d558c8d2d0
2f64d73001068fb5b0e0cecd75974ce80ac4ed9f
3c3a7b948d547e1dab318ac037cd6f89fa186e4bdefb1851da4a1c0cad366f0d

HTTP Headers

GET /sweep.html?utm_content=zd_public_v2 HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ikAglJkSIFjLuA9QNe467CBK92Yk3kEoxhHd%2FG7dbCBUmDElzCT2f8DGfgVcoGd4bw5%2BwF4hvBBx1vApXnAwdf2AAooEsmpTc1XjxNiBb5YywNQQwPObZPYx688daKkD0vV5GJog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9864ca5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js

104.26.15.215

200 OK

6.1 kB

URL HTTP/2
sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10042), with no line terminators
Size
6.1 kB (6060 bytes)
Hash
62944c4f0e895152dd886aaf35980fc1
533a30655635f8ee8140abdaf644c842bfbe04bc
9d837a3a7c43da580d79aa279409c0fa2f1e307a3889937b6b8f7788f98f635a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-redux-toolkit.esm.js.c3039cb3.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-273a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq1ajiisQwYhwncXUSYQkihVH61FyCd1%2Fe6Bdbt6ejFo6WrKt%2BdQM0Q%2F2TDLAil68rIDRTirhrC6CpINEzUTetRSk%2BYblhYLlpjNhvrtYTLcmkxUpH%2FCFtoZOJuNYj8NbHzBAV%2BJPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa58b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 42141
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 57761
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10

104.26.15.215

200 OK

14 kB

URL HTTP/2
sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- HTML document, Unicode text, UTF-8 text
Size
14 kB (14521 bytes)
Hash
2be6768de5ffb71bfc6413a7a1748ba7
857213a6ae455aefd8aa91bdbbdddcee3cf3904c
5b5403ba802876e8b30b2ade211da2de676ef1a9994793a32ec4143c192eb1c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/json
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIGXJjX5MvhRzAJYDPFPVllS5Vn2vGwkoQ6yoAgJcGDxYiKPX2dlUGIDxcdIEzs2jwmut99W1umRUkkMe5EBhg1W0ZhagWySnhmRLfs9K%2BHa4bEr5bUYCN7fLuqPWlCWGUrnH4bldg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9864ca9b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 33065
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8006 bytes)
Hash
8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 58481
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11743 bytes)
Hash
8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57304
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-AxiosHeaders.js.f509efe9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-b9f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxcJ7ymQSkGNaKyK9kKpLVuRGiBQB2PG9r4FP7S4ufv591LNOQ%2FieohSao6%2FcxTnHSlU1r3Hv1wPqxHGlXDHMZClyLS4rBwatsY0bgydzz4lP4QGEGH7nT3UVKHcOp%2FSq4rjXn3Lwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa4cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/survey.12.47477b7e.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/survey.12.47477b7e.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/survey.12.47477b7e.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-2eaeb"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a59HSO3u3FPkA6sta%2Bi%2BMVp6cpmBsoB%2BTS%2BTOVlqgoOZQyy06iyyDfqBZsMVF%2FxpR1%2BaPoL4Qwqfcooj44vjPVFtnZiidPxF2t8i1NV%2Bs6UJeMGbAF5CxDM050RcxM2lifTIuwI9eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa5cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-index.js.7d7ee9d3.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-8bfb"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MkBGZcYg0Lk6O3lvkNiIuh488SdAYgQglmC3R3qWBcwOLAZh4eLO61AC05ctGOTPyOdIR7RgUh33cFNmpAZJJwnhkDZNXr%2Bq%2FNPKcg5SpssRyQpDCutc8lbHO%2BNTVGe2T84Bs4KUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa46b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-xhr.js.13124150.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/v-xhr.js.13124150.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-xhr.js.13124150.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-bb3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMe6azV4sGrGo9cqNYO2E18h9DFJD7kmC364LHud4c2U81PGAfV0jQYprbCBQweTPFoEsO7odJr%2FKDplt97dqQyffS5bicJMxAQUKRFq%2B1AYZ09WXihz7EShl8FPq6rRd%2Bw1BDKtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa4bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-react-dom.production.min.js.f6c95ef9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1f80c"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByzVoiEQpVt9Lt2Ig%2FesijDJFFVa%2FPNOTN27fTOLA%2F7lMD6RQOrZ2wsYfv1lOH%2Ba0Vb0TIx3pi8U8KDAftfzskWoWvvg2vAPTS2F%2B9C5FGLBgik4%2BTUsyXbTnFOuEa6wIYXcTodbzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa57b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/config/comments/en-sweep.json

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/config/comments/en-sweep.json
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/config/comments/en-sweep.json HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/json
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-12f9"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRB8q8gEFjK0wdYYIyYQny9UYHeZuxa3ttOg9QYtBumYj0AX80MHfXN7P23GshWqkThXZayHCjK7CZRTpao5tysNfiDSaWXuFZWNysGHj9ucNxbWZV5MUDRt4pCDtHR4wgOdqcc5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9882ec8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/v-utils.js.f7e0c462.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/v-utils.js.f7e0c462.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/v-utils.js.f7e0c462.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1bcf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpZSxzxMnjqjHIVcCFHObb2BI3SDJoGwxbmt7aHJXm2MzYtfRrp4TI1nhYlCHGOkX2C2470RPKQeH4530z0Ry%2F5afVM46aQqarQHXhqi%2FoVXpm%2Fimq3U2Sfj3oskpb0vD3G4%2FUbK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa49b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/css/sweep_3.4d08e7dc.css

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/css/sweep_3.4d08e7dc.css
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/sweep_3.4d08e7dc.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-156e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAgx3F1u0wIlu8SwVJq2saGw1hgiZLpeq%2Fi9Jmztil3vQ61jRpT%2B%2FZceDf%2BOBynxJ6erNuR79vKg4Bg8p%2FivrjkMAQfvNSmlYiYBFFNx6h4QIbb9y0ruIi0h6OG0robi4%2FPfW94Bjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa55b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/sweep.html

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/sweep.html
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6RIueVGb6MAIzSTW%2B6NqZVer1PPA6%2BHMfCRsO89i7cc0%2FnMGZhz000Ld%2F14luaA6%2BnyxJgoosfMBMoKxt%2BPliAyvq81qirjWxoLHNIRaM7t8bbVqY%2FdK0%2B2xw4FZs1ovw%2FXNQ3ayA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98398f8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/rtc.5ee66b70.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/rtc.5ee66b70.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/rtc.5ee66b70.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-29d4"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz6yE%2FEMqITXPqveO6txI3aeIJ%2BNJeVL%2Bz2lBrGEiFcDGKI6Wf2MiQm8P9rvnabmaChWIPmu0O8tGKOZXs5VSBNjzsEbyuNujXMW8F43jiG9bYj8j4YVOz8CYw2SzuoSVPKCLbO0xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa44b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/css/sweep.dd84bc3b.css

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/css/sweep.dd84bc3b.css
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/sweep.dd84bc3b.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-f533"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV%2Fbc1cquTmro%2FbijG3ycpybushoQKhdZum6Fn0oWX%2FhuHu4BsyfNtR3%2BmgT0MiX0spuhuFmmpjbquAORELvNE4kF8yAvS7Rn9PMc0lYtrb3MyM3b2vbSMqYtomsXHcMvVhV%2BdZPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa54b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

sweepstakessurvey.org/js/sweep.380e3b87.js

104.26.15.215

200 OK

0 B

URL HTTP/2
sweepstakessurvey.org/js/sweep.380e3b87.js
IP
104.26.15.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/sweep.380e3b87.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-d3"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B8bHTpfhVEdxJ5rmp0V%2F3e2MeKxrA8CjF2%2FpWQG1dQZkxQN0ZISoG65vVVhLv%2FyypukeBuCHyfmZ54x0xvaSBV4hlOafr7Vrs5sa2U9%2FCtUCI05GULh7yjlLVuPoJaJwwNRAeNMuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa5db509-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations