sweepstakessurvey.org/sweep.html
104.26.14.215 301 Moved Permanently 0 B URL HTTP/1.1 sweepstakessurvey.org/sweep.html
IP 104.26.14.215:0
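Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the response body is 0 B, so this is not a content indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)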
Analyzer Verdict Alert fortinet Phishing
GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 13:49:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 14:49:47 GMT
Location: https://sweepstakessurvey.org/sweep.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsmCzTCJKh1tMZzyfDCx8sHSks3pq52G21aJ79xgz1xO2%2BwUy%2FA%2B9Pub26r95uF06o%2FL5guszP5uNWQ1GnOn%2FhYZRqjo1fONvSuz7bSaROcsDhEW%2BzPkbunU0%2Fa3I0WxLtxzFl0vjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fad980be1ab4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3905
Expires: Fri, 25 Nov 2022 14:54:52 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4043
Cache-Control: max-age=164930
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:47 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:38:37 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:19:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1840
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IqSEQmtM4xZSomVE8iNBwESKZqe90mdcRm30VpsV0vV8T9hgiELm2p6eP9bU5HEf3cLe3VnjgzM=
x-amz-request-id: HNV5HCD9SJHYE5GZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:40:49 GMT
age: 538
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 3924bd313c9f3874f47d80a6f0ef255f
df7ba4ec8f8bb115170fd305d4c74ce8645767b8
0af55cfffbac9a8106b58489051d8ac6df3ae4d7206435a9cd7f8b3dc709c1ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170574
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:47 GMT
Etag: "6380bf49-116"
Expires: Sun, 27 Nov 2022 13:12:41 GMT
Last-Modified: Fri, 25 Nov 2022 13:12:41 GMT
Server: nginx
Content-Length: 278
sweepstakessurvey.org/js/_global-config-sd.82962a7b.js
104.26.15.215 200 OK 599 B URL HTTP/2 sweepstakessurvey.org/js/_global-config-sd.82962a7b.js
IP 104.26.15.215:0
File type ASCII text, with very long lines (365), with no line terminators
Hash 96e3f0a2c91493ec4d73b710df15b8dc
a5cb9fd281282904dfb4ff9dfbdcd91053a4a63e
2bb7dd771d26a40b450ffe7041e7fd0cdb7103bfeef23718c2ab6f032f95e6db
Analyzer Verdict Alert fortinet Phishing
GET /js/_global-config-sd.82962a7b.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-16d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpdIfI4iy4U%2FiMqQFIowj%2FyZppKEdOj5o9CRj1VCOmG3oOIZlnR%2FB1J%2BV%2FrtNeh3G8nPHbc2q0xYShB1EMhXFRew3ibCXbgmzXibg7%2Fz0ky5mw2rG4XAePg7vE%2FXFEBiQOfl6CyuVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa43b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2841
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 13:49:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5305
Cache-Control: max-age=161128
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:49:48 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:35:16 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43c41a27cfb94f91b82c53f813f82375
4a31b64743d1ecbbc21b4dd972710ed8be5b523e
cea985973cff7103745b7b76ae33a2016860a0e833ea33a9159788fd765fdd6d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEA985973CFF7103745B7B76AE33A2016860A0E833EA33A9159788FD765FDD6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8753
Expires: Fri, 25 Nov 2022 16:15:41 GMT
Date: Fri, 25 Nov 2022 13:49:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43c41a27cfb94f91b82c53f813f82375
4a31b64743d1ecbbc21b4dd972710ed8be5b523e
cea985973cff7103745b7b76ae33a2016860a0e833ea33a9159788fd765fdd6d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEA985973CFF7103745B7B76AE33A2016860A0E833EA33A9159788FD765FDD6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8753
Expires: Fri, 25 Nov 2022 16:15:41 GMT
Date: Fri, 25 Nov 2022 13:49:48 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 6118ed2ad2331496f068a7cc2d5d8e13
6cd8cc1cb9c6465e1858dbf9fd7faf975db99a93
58940a980bb718b4abbb21453128e6044ff0a868faeebf89cbd1994d83143d76
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89a7c6b527724d1e97d7ace83e1faa00; expires=Sat, 25 Nov 2023 13:49:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.201.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
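Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the response body is 0 B, so this is not a content indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)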
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3f6jIoJ/GIU+mA2PWeEzQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HkQwWxVarGZDtKskSHTHj7PqPRA=
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 96b2d91c871c0a9a1ef7363a41c7226d
71da353479ff6e9e9a6a77478cab13e62af97d60
edd802cb6bcea980528286315b33f0102f0efb8ab8b9d6d2b3e0db3ee28f6a8c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 29 Nov 2022 10:53:46 GMT
ETag: "71da353479ff6e9e9a6a77478cab13e62af97d60"
Last-Modified: Fri, 25 Nov 2022 10:53:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3243
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fad9892c24b500-OSL
sweepstakessurvey.org/img/comments/person-sweep-5.jpg
104.26.15.215 200 OK 3.3 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-5.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Hash 92c40a962aa579868b64b8b7f1b6575c
f676f1ce463a7b0b7b2c05587a9b52285e55e679
64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414
GET /img/comments/person-sweep-5.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3268
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-cc4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c6g%2FVxktx6F0dps3tLerg08ZF1k5e7YFvnmDdRDT5Itm058AmhNj0BmHq52L6no9WlynoQLrtIO1mfYycwUcuGpvFBhqDao0XOVcpVJSOPCnKxbbmcgDj6uofVIsh%2FspzphDq0w3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b2b509-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Fri, 25 Nov 2022 14:49:48 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-10.jpg
104.26.15.215 200 OK 11 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-10.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:33:44], baseline, precision 8, 50x50, components 3\012- data
Hash 2f7d5d907d9e6d0250afbdbeb7f3cb0c
136703751a36b76b1fe599930ec855f90fde9f23
271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1
GET /img/comments/person-sweep-10.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10828
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2a4c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAg8WlLc%2B3Gie530ELAVYKRXXt327l0QOT51IxCfSYvkKYu7ZLPQsX49be0yvi6sXNdfZEbb3%2BobN57uyyHzqO%2F8okdW1MRCaiilamLEkMNkSV%2BleroC9GVWzkT5OS9LUd4Ve7Sv8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c4b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-16.jpg
104.26.15.215 200 OK 1.2 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-16.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 9574e9e3f629fc4cc0f470f678a232ca
89412a05077b4eaa423f7790bd5fb4ee3efc84eb
15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1208
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-4b8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A2XTTJA3xBca49D2RaPuuzxFINq5K9lLWCoTwj0Vcf0qLWFIbXh%2BENDFBle%2FLPfksZ96dh%2FOJV3B4hCW8h8eA55F9SP%2BKl9LloD%2FGw5j2givKUZvwuvSRDAZgoLZKKlQGge%2FEXTdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad989a8d8b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-15.jpg
104.26.15.215 200 OK 1.1 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-15.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash ca57a3f68e171ebeb7798679d5fb79ca
688e6a4ffeeae81c9e970e03081de1fe26afac9a
f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a
GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1067
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-42b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co0%2FKlMRTJGr27V40ok8nF8EWRpgUOLyKZDoZ7GGR8lru%2BLMPz4nQUN%2BnK9c08ILbjPEfmOHE9OhlGbPiY3EXjy4suuvmySSeX7FPVpOCl5Trg4bIKaYf93L8Z%2Fy4OE6re8QVtt8Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad989a8d7b509-OSL
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
172.67.149.153 200 OK 6.4 kB URL HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:0
File type ASCII text, with very long lines (12932), with no line terminators
Hash f0c7e9e853d79fd30c244783dd0899ae
1f23ae0a753f7621395ae9500a3599bc748ee40f
5e327d6619dceb6adecd85f66f9e80fcd110639fecb7441d6222e074e37710c5
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh5a4qyGW5ejkuYoy3DoT6GUJOsaixsXo8lHPPQDpIczLQlooytjEEguCR9gADpeWHVv1j2x%2BFafoWq5pfRSWMO759lAAy0rniEo26%2BnmljaEuTQw8p8HvPplYshD%2FTUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fad9882a43b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-9.jpg
104.26.15.215 200 OK 12 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-9.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:23], baseline, precision 8, 50x50, components 3\012- data
Hash f950070b2582c8f9202b5d084e91905f
7154a29bb2ecd778435943cf02c88fb9b0a86183
ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e
GET /img/comments/person-sweep-9.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 11871
cf-bgj: h2pri
etag: "63809bf7-2e5f"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZEVot9TjagTStD%2FkHaCWzQCFrcjs210fmRjKLQM30vJ0%2BAkvIfCcPd097nebcSp9UGT2XM%2BcIS1Mc%2F1TtdfrFuLGUbVT%2BdiZkXvq10%2Fcif0Bme036xOVeCzZBpASHuiZXye5WB6mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c3b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-8.jpg
104.26.15.215 200 OK 1.2 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-8.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f60b9c2d018d7a29d014742ae8e36839
1b59e7eec38eb9f620256742f83ae7938ac0bb07
ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1182
cf-bgj: h2pri
etag: "63809bf7-49e"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohW8ehihu4WN3jNNVqU1oPTgHWaHriEJfKPeDr9etCxX6GSi0jAsSQQUjrre6s1IFSxaJTHgPAujb6zmoqFxARdVkA0%2F54CDMULLJBkULJij3nvYHdWdhPAFB1P2kq%2FdexAOzH6%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998c0b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/css/survey.cc3533c8.css
104.26.15.215 200 OK 4.9 kB URL HTTP/2 sweepstakessurvey.org/css/survey.cc3533c8.css
IP 104.26.15.215:0
File type ASCII text, with very long lines (19889)
Hash 6888c5128dd3f127b9ad45eb282b7b44
b159df47e11ee79fe21d4f6659582d4cc05e3ca8
376e8fc3aa5d5ec9c044588d8fbe5aa006548a2ca3513c14b17a475ececd9526
GET /css/survey.cc3533c8.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-4de1"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfpMBU0Ut%2F%2BUxWZitzZR2ncaX5%2BwyKHTY5Yd%2FwVyWcPp79DIStFqc14eKG%2BszpmmHCBzZZ8UwdoakwcVpt1PVPXHNLJygO8Z9DtDj2IU5CNQq0%2Fn9RrW2Ml7%2Bqo96VcBumpibS2meQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa53b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-11.jpg
104.26.15.215 200 OK 11 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-11.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:58], baseline, precision 8, 50x50, components 3\012- data
Hash e33f2bea60761c8f1c4cf8648839692a
14a8b54006c419c85842d96a8a4aeb837f5a0a5e
9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951
GET /img/comments/person-sweep-11.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10636
cf-bgj: h2pri
etag: "63809bf7-298c"
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3TYQx8SijXU7%2BnfwdoXyTiZlkoq%2BNkSqm2ylkJWrcWoDiJnRRM0FZIuX07g73nKIldP9OUvtGrhxBrablp9osEJSon1R9EXZk6Il45nD6f9omkAU0HbinrckA7Tz4%2Fh4XVCrwXnXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998cbb509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-13.jpg
104.26.15.215 200 OK 1.1 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-13.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 85059de53011f0ef712a5f4b5dd13219
481385e3fe4b3ec1fd703de246796396a33777b1
7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58
GET /img/comments/person-sweep-13.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1110
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-456"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6U9bjZ%2B48PPaOOb1JrsLaZZkz8oGe40sdvZxi%2B5H5c%2BFjkuWjF3Qb7vTNqbnTdyzePQnIATZlDRIOhL6%2F92t01r%2BCFjsKBmF4ChCmCU0qoUasBT4rBcQdh0Gq0E%2ButG%2FJ4y7nTvoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998d0b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-12.jpg
104.26.15.215 200 OK 11 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-12.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data
Hash 85b4e587433a60e7d3e98b1ef93a71f8
c4c8600ce8a5be2640aacbac866bf8b1f8192f26
65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 11188
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2bb4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lh0y08Ood%2FUrRABw9PYlWs9%2BzJt%2FPj%2FVRhyfQXpDZ6mg7pPM97DiTVjYe55yq55kjn%2BuHjhvy8tyql%2Bs12Hijq8sI81%2FuFHjZ1DBttg2L37JMlxngBbB33QP2Cd6EtsuP20Ty9vjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998cdb509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/favicon.ico
104.26.15.215 200 OK 67 kB URL HTTP/2 sweepstakessurvey.org/favicon.ico
IP 104.26.15.215:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d7d8713cdbf21431e5fef26166f267e9
e9d0a993c95ea1ec8e1ad3342006f0f28a45fd02
167b5601e855748fb13dac5ad8980c916919614b0f58d3036a957528e8a1af5e
GET /favicon.ico HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/x-icon
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-47e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX0UuSDm40sepqgb%2BG%2BbxTiAWKphhVCS1Pp%2Fe9gvwQIBWULg88Fca6X3c3iamHhK76Omq0k7A5HWtNPfkSmVdXg5cR%2FjFazM7Oc%2FQSNlml%2FXovvParTYrvcFvy8YtSmdI6GOrMl6Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad988af84b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-2.jpg
104.26.15.215 200 OK 1.0 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-2.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash e489d022a40ba80f51fb5acc1addea46
41c334f49c248783037ceaf6fc335acff62f760c
c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567
GET /img/comments/person-sweep-2.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1042
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-412"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IFqIVTTikMOquD1ui%2FA0vRpgdiM9yLgE4jjjbQVV5wSAkJdbwBbulL9oc9KjQPz%2Bo77ao%2BPiaSiSvB4SweA4tOGmbk0lN9VXDveO55u9cisF%2FRdcOEks1ugVdbjCPvmbkiL4zViPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988abb509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-3.jpg
104.26.15.215 200 OK 1.1 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-3.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 72ab252d8ff828965ad984b8ab16991f
e45ea3665e80feb2e6309b04e1ec2e8d41bb279b
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1063
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-427"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgsY3e99ewhkkVnAoH1MdiMXE2unEiHg4asCYna%2B1eVYsqhhkW0YzkIHkaFru4u3WjKpdQVo0ySqDXCazthjJLu%2Bxd%2BI0SSKSk9Kn%2F2BZBRsl5ziCuGz3b0tA6pw1Q%2Bu%2BbIex5lo2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988aeb509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-4.jpg
104.26.15.215 200 OK 3.7 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-4.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Hash 02eebe83bc6786ef27b852477d4c4998
205314ba911137b6f6be4eefd946a2c62229e591
a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3694
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-e6e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOxrEvaTzJbB2m510oJhdKfrRQt%2FPom6nR646WOJ%2FnhlV2qkaFvlNIU%2F5aFChnbVMzYq0wMnBhHs6tHlqwjqB2Q7XjkolHaH1WVAHBdiAlVxQhGOxQrMqO6NDpprle04b10yI6Ko2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b0b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-1.jpg
104.26.15.215 200 OK 3.9 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-1.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data
Hash 72c067fe856886245e7c47c7ff84e041
5210cb05f897db334c61f8971ccec9a7396ea8a7
9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030
GET /img/comments/person-sweep-1.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 3900
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-f3c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzWIyCjwKfE94jQXbxzv0lAtjsKJgDardMUNhf0JZD0oer7p7u8JONzEpQaFGPoJ3MAHjsnevTKSwDDMrxKwvgyhMZmqXS4234AhDz26MMYHQULl65rHjKQKAtx%2FMZsUSOzDsqVUYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988aab509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-6.jpg
104.26.15.215 200 OK 10 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-6.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3\012- data
Hash eecc2c7e1efc1d69f01f47b677666cf2
c4e909b86e22612ca4c5e599c7fc7204573b1baa
92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10400
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-28a0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ImQ7u4QDA2PGtDXywln5Qm7n%2FpHNg%2FDtSahrvMQ4Jw%2Fk46ZiLNzsfZFASAvflX%2FxY9NGclJd7DlgVCSe7b%2BKf7J2JFXEvnMByiy6%2BZVqu0q5OYYqIEAXLtaXeDUi0%2FYQEOFXYDgSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988b5b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/unnamed.jpg
104.26.15.215 200 OK 1.4 kB URL HTTP/2 sweepstakessurvey.org/img/comments/unnamed.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 449aaf5a54e3fe3aa4f0f5875bede090
b2b897362626700277b7f8baca8b1f292d08b7e5
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-562"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLVSZFSKn%2FNUg1x7v4ik5nhlYQkW235u7TTuuBpF%2B33nb5t07iHuMco3AKyZ7%2FRWngZlmvBU%2BFLazR3qeunmgRsbCkWmQ4XBkEFZcM4Rx%2BXKzgbVWQP3Z9zEpg9Q777hDtlOwxRjSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98988a8b509-OSL
X-Firefox-Spdy: h2
sweepstakessurvey.org/img/comments/person-sweep-7.jpg
104.26.15.215 200 OK 11 kB URL HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-7.jpg
IP 104.26.15.215:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:30:25], baseline, precision 8, 50x50, components 3\012- data
Hash 583a669aef17441f222db5be083f3750
f869d6bf98c43f0a0a935305096fe637df202687
5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b
GET /img/comments/person-sweep-7.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: image/jpeg
content-length: 10884
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: "63809bf7-2a84"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8IPybtx0hZOOXwRhqTkQFnD4%2FCD0lz19sZDHaUqyXwZGyUOS5NogpkQukImiT%2F5evGI%2BS%2FUI96vrlHm2lTFxHHoXJJA3f95zuyzc63HWuuNQkvBeHsWxusuE8%2B6um2BFoh1Iujudg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98998bdb509-OSL
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
139.45.195.253 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 13:49:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sweepstakessurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Fri, 25 Nov 2022 14:49:48 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 8923fc07a56f4c1a39a3af383bbccf75
dcf784822d836d9063d8e94d1ca36c850a8c9a0e
d6465c1e93d8e6f292ed546d0b921a6e0385fa47867633e795402a33d6d3b40e
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A219%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A468433954%3Arqn%3A1%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C0%2C%2C0%2C%2C129%2C1%2C%2C%2C%2C312%3Ans%3A1669384187273%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
set-cookie: yandexuid=670967471669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=670967471669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=560404251669384188; Path=/; SameSite=None; Secure
i=0tSDSpDfM8zCGoUCv5+iDrcgO5vv3yuCdD03WVV408yQxgMqiSFQgYWvfH92Kek1aZPxnyAuz8Ra+yQeNiKYSpoelks=; Expires=Mon, 22-Nov-2032 13:49:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700920188.yc.1669384188#1700920188.yrts.1669384188#1700920188.yrtsi.1669384188; Expires=Sat, 25-Nov-2023 13:49:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A743523037%3Arqn%3A2%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C800%2C800%2C0%2C%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A238116818%3Arqn%3A4%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A827244016%3Arqn%3A6%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A383116929%3Arqn%3A3%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A34664117%3Arqn%3A5%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669384188_1f65558ec6a777e0478390d41874735de9ff596d7c32040aa86df3aceed79bd0&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1378496161195%3Ahid%3A58263902%3Az%3A0%3Ai%3A20221125134948%3Aet%3A1669384188%3Ac%3A1%3Arn%3A640992799%3Arqn%3A7%3Au%3A1669384188157076154%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669384187273%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669384188%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 13:49:48 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 13:49:48 GMT
last-modified: Fri, 25-Nov-2022 13:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sweepstakessurvey.org/sweep.html?utm_content=zd_public_v2
104.26.15.215 200 OK 2.6 kB URL HTTP/2 sweepstakessurvey.org/sweep.html?utm_content=zd_public_v2
IP 104.26.15.215:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 78338dcdf2567769a0d0f0d558c8d2d0
2f64d73001068fb5b0e0cecd75974ce80ac4ed9f
3c3a7b948d547e1dab318ac037cd6f89fa186e4bdefb1851da4a1c0cad366f0d
GET /sweep.html?utm_content=zd_public_v2 HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ikAglJkSIFjLuA9QNe467CBK92Yk3kEoxhHd%2FG7dbCBUmDElzCT2f8DGfgVcoGd4bw5%2BwF4hvBBx1vApXnAwdf2AAooEsmpTc1XjxNiBb5YywNQQwPObZPYx688daKkD0vV5GJog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9864ca5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js
104.26.15.215 200 OK 6.1 kB URL HTTP/2 sweepstakessurvey.org/js/v-redux-toolkit.esm.js.c3039cb3.js
IP 104.26.15.215:0
File type ASCII text, with very long lines (10042), with no line terminators
Hash 62944c4f0e895152dd886aaf35980fc1
533a30655635f8ee8140abdaf644c842bfbe04bc
9d837a3a7c43da580d79aa279409c0fa2f1e307a3889937b6b8f7788f98f635a
Analyzer Verdict Alert fortinet Phishing
GET /js/v-redux-toolkit.esm.js.c3039cb3.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-273a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq1ajiisQwYhwncXUSYQkihVH61FyCd1%2Fe6Bdbt6ejFo6WrKt%2BdQM0Q%2F2TDLAil68rIDRTirhrC6CpINEzUTetRSk%2BYblhYLlpjNhvrtYTLcmkxUpH%2FCFtoZOJuNYj8NbHzBAV%2BJPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa58b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:49:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 42141
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 57761
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10
104.26.15.215 200 OK 14 kB URL HTTP/2 sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10
IP 104.26.15.215:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 2be6768de5ffb71bfc6413a7a1748ba7
857213a6ae455aefd8aa91bdbbdddcee3cf3904c
5b5403ba802876e8b30b2ade211da2de676ef1a9994793a32ec4143c192eb1c1
Analyzer Verdict Alert fortinet Phishing
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/json
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIGXJjX5MvhRzAJYDPFPVllS5Vn2vGwkoQ6yoAgJcGDxYiKPX2dlUGIDxcdIEzs2jwmut99W1umRUkkMe5EBhg1W0ZhagWySnhmRLfs9K%2BHa4bEr5bUYCN7fLuqPWlCWGUrnH4bldg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9864ca9b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 33065
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 58481
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57304
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/v-AxiosHeaders.js.f509efe9.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-AxiosHeaders.js.f509efe9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-b9f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxcJ7ymQSkGNaKyK9kKpLVuRGiBQB2PG9r4FP7S4ufv591LNOQ%2FieohSao6%2FcxTnHSlU1r3Hv1wPqxHGlXDHMZClyLS4rBwatsY0bgydzz4lP4QGEGH7nT3UVKHcOp%2FSq4rjXn3Lwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa4cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/survey.12.47477b7e.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/survey.12.47477b7e.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/survey.12.47477b7e.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-2eaeb"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a59HSO3u3FPkA6sta%2Bi%2BMVp6cpmBsoB%2BTS%2BTOVlqgoOZQyy06iyyDfqBZsMVF%2FxpR1%2BaPoL4Qwqfcooj44vjPVFtnZiidPxF2t8i1NV%2Bs6UJeMGbAF5CxDM050RcxM2lifTIuwI9eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa5cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/v-index.js.7d7ee9d3.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-index.js.7d7ee9d3.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-8bfb"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MkBGZcYg0Lk6O3lvkNiIuh488SdAYgQglmC3R3qWBcwOLAZh4eLO61AC05ctGOTPyOdIR7RgUh33cFNmpAZJJwnhkDZNXr%2Bq%2FNPKcg5SpssRyQpDCutc8lbHO%2BNTVGe2T84Bs4KUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa46b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-xhr.js.13124150.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/v-xhr.js.13124150.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-xhr.js.13124150.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-bb3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMe6azV4sGrGo9cqNYO2E18h9DFJD7kmC364LHud4c2U81PGAfV0jQYprbCBQweTPFoEsO7odJr%2FKDplt97dqQyffS5bicJMxAQUKRFq%2B1AYZ09WXihz7EShl8FPq6rRd%2Bw1BDKtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa4bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/v-react-dom.production.min.js.f6c95ef9.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-react-dom.production.min.js.f6c95ef9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1f80c"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByzVoiEQpVt9Lt2Ig%2FesijDJFFVa%2FPNOTN27fTOLA%2F7lMD6RQOrZ2wsYfv1lOH%2Ba0Vb0TIx3pi8U8KDAftfzskWoWvvg2vAPTS2F%2B9C5FGLBgik4%2BTUsyXbTnFOuEa6wIYXcTodbzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa57b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/config/comments/en-sweep.json
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/config/comments/en-sweep.json
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:48 GMT
content-type: application/json
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-12f9"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRB8q8gEFjK0wdYYIyYQny9UYHeZuxa3ttOg9QYtBumYj0AX80MHfXN7P23GshWqkThXZayHCjK7CZRTpao5tysNfiDSaWXuFZWNysGHj9ucNxbWZV5MUDRt4pCDtHR4wgOdqcc5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad9882ec8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/v-utils.js.f7e0c462.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/v-utils.js.f7e0c462.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-utils.js.f7e0c462.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-1bcf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpZSxzxMnjqjHIVcCFHObb2BI3SDJoGwxbmt7aHJXm2MzYtfRrp4TI1nhYlCHGOkX2C2470RPKQeH4530z0Ry%2F5afVM46aQqarQHXhqi%2FoVXpm%2Fimq3U2Sfj3oskpb0vD3G4%2FUbK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa49b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/css/sweep_3.4d08e7dc.css
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/css/sweep_3.4d08e7dc.css
IP 104.26.15.215:0
GET /css/sweep_3.4d08e7dc.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-156e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAgx3F1u0wIlu8SwVJq2saGw1hgiZLpeq%2Fi9Jmztil3vQ61jRpT%2B%2FZceDf%2BOBynxJ6erNuR79vKg4Bg8p%2FivrjkMAQfvNSmlYiYBFFNx6h4QIbb9y0ruIi0h6OG0robi4%2FPfW94Bjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa55b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/sweep.html
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/sweep.html
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6RIueVGb6MAIzSTW%2B6NqZVer1PPA6%2BHMfCRsO89i7cc0%2FnMGZhz000Ld%2F14luaA6%2BnyxJgoosfMBMoKxt%2BPliAyvq81qirjWxoLHNIRaM7t8bbVqY%2FdK0%2B2xw4FZs1ovw%2FXNQ3ayA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad98398f8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/rtc.5ee66b70.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/rtc.5ee66b70.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/rtc.5ee66b70.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-29d4"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz6yE%2FEMqITXPqveO6txI3aeIJ%2BNJeVL%2Bz2lBrGEiFcDGKI6Wf2MiQm8P9rvnabmaChWIPmu0O8tGKOZXs5VSBNjzsEbyuNujXMW8F43jiG9bYj8j4YVOz8CYw2SzuoSVPKCLbO0xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa44b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/css/sweep.dd84bc3b.css
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/css/sweep.dd84bc3b.css
IP 104.26.15.215:0
GET /css/sweep.dd84bc3b.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-f533"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV%2Fbc1cquTmro%2FbijG3ycpybushoQKhdZum6Fn0oWX%2FhuHu4BsyfNtR3%2BmgT0MiX0spuhuFmmpjbquAORELvNE4kF8yAvS7Rn9PMc0lYtrb3MyM3b2vbSMqYtomsXHcMvVhV%2BdZPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa54b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
sweepstakessurvey.org/js/sweep.380e3b87.js
104.26.15.215 200 OK 0 B URL HTTP/2 sweepstakessurvey.org/js/sweep.380e3b87.js
IP 104.26.15.215:0
Analyzer Verdict Alert fortinet Phishing
GET /js/sweep.380e3b87.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:49:47 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:41:59 GMT
vary: Accept-Encoding
etag: W/"63809bf7-d3"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B8bHTpfhVEdxJ5rmp0V%2F3e2MeKxrA8CjF2%2FpWQG1dQZkxQN0ZISoG65vVVhLv%2FyypukeBuCHyfmZ54x0xvaSBV4hlOafr7Vrs5sa2U9%2FCtUCI05GULh7yjlLVuPoJaJwwNRAeNMuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fad984aa5db509-OSL
content-encoding: br
X-Firefox-Spdy: h2