GET /4533056/ HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 139.45.197.238
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Server: nginx
Date: Mon, 28 Nov 2022 21:43:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 090a73caae920e04d7a6a5eed62234ee
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://sweepstakessurvey.org>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=d3f003b01f6249c697e60d04d3bebc8b; expires=Tue, 28 Nov 2023 21:43:23 GMT; path=/
oaidts=1669671803; expires=Tue, 28 Nov 2023 21:43:23 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5200
Expires: Mon, 28 Nov 2022 23:10:03 GMT
Date: Mon, 28 Nov 2022 21:43:23 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2281
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 21:43:23 GMT
Last-Modified: Mon, 28 Nov 2022 21:05:22 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 21:17:49 GMT
cache-control: public,max-age=3600
age: 1534
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4026
Expires: Mon, 28 Nov 2022 22:50:29 GMT
Date: Mon, 28 Nov 2022 21:43:23 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: 7FRiqsKDMVHZYj5ujQE57nyVNW1flda4znfuA78j4BK25lGKRVQ+madtfNpqQFPoUcIZDy8ca2wR7jcc0zah7Q==
x-amz-request-id: MKBR7BJVVENXRE5K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 20:45:10 GMT
age: 3493
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Mon, 28 Nov 2022 21:43:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=142156
Date: Mon, 28 Nov 2022 21:43:23 GMT
Etag: "6384b3c7-117"
Expires: Wed, 30 Nov 2022 13:12:39 GMT
Last-Modified: Mon, 28 Nov 2022 13:12:39 GMT
Server: nginx
Content-Length: 279
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7031
Expires: Mon, 28 Nov 2022 23:40:34 GMT
Date: Mon, 28 Nov 2022 21:43:23 GMT
Connection: keep-alive
|
GET /favicon.ico HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=d3f003b01f6249c697e60d04d3bebc8b; oaidts=1669671803
|
search
139.45.197.238
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 28 Nov 2022 21:43:23 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
|
POST /img.gif?f=merge&userId=d3f003b01f6249c697e60d04d3bebc8b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
|
search
139.45.195.8
HTTP/2 200 OK
content-type: image/gif
server: nginx
date: Mon, 28 Nov 2022 21:43:23 GMT
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d3f003b01f6249c697e60d04d3bebc8b; expires=Tue, 28 Nov 2023 21:43:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
GET /js/v-xhr.js.0ca1157c.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-bb3"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ5RXKeJb%2BWTHXgb8wxSanxsHeBuPWeR0TTac3lhSN0gzfrfV%2Fq7FwFuxiWHHtGFfz7BK4Y%2FRVkVkDMRbZnihbMSxmSFJXI2GWN2hyjtursoZ0Y5otGUcfmD3FCStuFj3tu7UgRbwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766286f0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /js/v-utils.js.69d892f9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=7119
etag: W/"6384a52b-1bcf"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBjKff54QDIWHEwFYbH988sYnIyq33zkjV5wCy8ceIlssaLutfLrMg24owXx0JZ5LXJ%2FBTm03PAEaxDY4dB1MSuF5jkWsAzBjYwAtRlE1euDBSVzAM7QRgo3JpthRugGNpgeJqAyfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766286c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:43:24 GMT
Content-Length: 938
Connection: keep-alive
Expires: Fri, 02 Dec 2022 20:11:53 GMT
ETag: "738e5aabf268142bb8ad1db2c951d47dc4236abf"
Last-Modified: Mon, 28 Nov 2022 20:11:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2315
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771647695ba60b65-OSL
|
GET /js/rtc.5ee66b70.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-29d4"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WuDtc9hoHPWY%2BGZ5h6jOQtuzz%2BrCBElozP3LITAOeVQwbDj668RL0sWDgmF7bvYoFoy7ELvTPo591vOnMW4vDcmGGx7ZcxHI44OS3aTO6QUetMPH%2Bjw8teZ37bG1i6pIc7FJ3Jc%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476628670b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /js/v-redux-toolkit.esm.js.c3039cb3.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-273a"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvVRSJzuyx7YteYTHTS1OVa37l6b4QqpJHpBHHNuar17ZAg9cIK5PEGtOtM8L%2FYyhfeqIypONQfB%2BvUSFI3rxsU8z2XcqHig7PSStj8lxxLcQ4ipm4d4mZv9JOlaPl0UWvd6ttuPcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766389e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3157
Cache-Control: max-age=130568
Date: Mon, 28 Nov 2022 21:43:24 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:59:32 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
 87.250.250.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Mon, 28 Nov 2022 21:43:24 GMT
access-control-allow-origin: *
etag: "6384bff1-2b"
expires: Mon, 28 Nov 2022 22:43:24 GMT
accept-ranges: bytes
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /js/v-react-dom.production.min.js.f6c95ef9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-1f80c"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe2pJulL9LmtolAY0IUJSHAM%2F3Hxex48BdTYmBtepT4hsf8wAB3AHuADp11xFqo%2B3Kr6XTQSpD2XSEWJo9PffEyt37xonMWEr9AtPx2E%2FuiBv7sNlYiPm3NZmeu3y58VAEQXUZcMNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766389c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DNO%26oaid%3Dd3f003b01f6249c697e60d04d3bebc8b%26s%3D621211165208621898%26z%3D4533056%26b%3D10037337%26var%3D%26campaignid%3D4634920%26utm_campaign%3D%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1417290901486%3Ahid%3A942976321%3Az%3A0%3Ai%3A20221128214324%3Aet%3A1669671804%3Ac%3A1%3Arn%3A155884222%3Arqn%3A1%3Au%3A1669671804886376222%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C168%2C82%2C0%2C%2C0%2C%2C165%2C12%2C%2C%2C%2C612%3Ans%3A1669671802745%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669671804%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
87.250.250.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 400
date: Mon, 28 Nov 2022 21:43:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 28-Nov-2022 21:43:24 GMT
last-modified: Mon, 28-Nov-2022 21:43:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DNO%26oaid%3Dd3f003b01f6249c697e60d04d3bebc8b%26s%3D621211165208621898%26z%3D4533056%26b%3D10037337%26var%3D%26campaignid%3D4634920%26utm_campaign%3D%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2%26rdk%3Drk1&charset=utf-8&hittoken=1669671804_7e8c56f01714688d38f590833a581c6e2a7ce0e729010ca3e08d8c11e784814e&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1417290901486%3Ahid%3A942976321%3Az%3A0%3Ai%3A20221128214324%3Aet%3A1669671804%3Ac%3A1%3Arn%3A745294943%3Arqn%3A2%3Au%3A1669671804886376222%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1359%2C1359%2C0%2C%3Ans%3A1669671802745%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669671804%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 49
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
87.250.250.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Mon, 28 Nov 2022 21:43:24 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 28-Nov-2022 21:43:24 GMT
last-modified: Mon, 28-Nov-2022 21:43:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12922
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:43:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12922
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:43:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12922
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:43:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12922
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:43:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12922
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:43:26 GMT
Connection: keep-alive
|
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DNO%26oaid%3Dd3f003b01f6249c697e60d04d3bebc8b%26s%3D621211165208621898%26z%3D4533056%26b%3D10037337%26var%3D%26campaignid%3D4634920%26utm_campaign%3D%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1417290901486%3Ahid%3A942976321%3Az%3A0%3Ai%3A20221128214324%3Aet%3A1669671804%3Ac%3A1%3Arn%3A155884222%3Arqn%3A1%3Au%3A1669671804886376222%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C168%2C82%2C0%2C%2C0%2C%2C165%2C12%2C%2C%2C%2C612%3Ans%3A1669671802745%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669671804%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
87.250.250.119
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DNO%26oaid%3Dd3f003b01f6249c697e60d04d3bebc8b%26s%3D621211165208621898%26z%3D4533056%26b%3D10037337%26var%3D%26campaignid%3D4634920%26utm_campaign%3D%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1417290901486%3Ahid%3A942976321%3Az%3A0%3Ai%3A20221128214324%3Aet%3A1669671804%3Ac%3A1%3Arn%3A155884222%3Arqn%3A1%3Au%3A1669671804886376222%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C168%2C82%2C0%2C%2C0%2C%2C165%2C12%2C%2C%2C%2C612%3Ans%3A1669671802745%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669671804%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 28 Nov 2022 21:43:24 GMT
access-control-allow-origin: https://sweepstakessurvey.org
set-cookie: yandexuid=4920655141669671804; Expires=Tue, 28-Nov-2023 21:43:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4920655141669671804; Expires=Tue, 28-Nov-2023 21:43:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=403510361669671804; Path=/; SameSite=None; Secure
i=97FMZEZfRhucvihKzePbtY5GZJEYv8ywcup6nijI/5X2Mk8vKwp5Krd/b/kOZPvi/0cCTSwyxtOb0CIo8swMaa3Op4Q=; Expires=Thu, 25-Nov-2032 21:43:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701207804.yc.1669671804#1701207804.yrts.1669671804#1701207804.yrtsi.1669671804; Expires=Tue, 28-Nov-2023 21:43:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 28-Nov-2022 21:43:24 GMT
last-modified: Mon, 28-Nov-2022 21:43:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 48707
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZJu4cMNnQTavxqB1MnRFluzfZC59BcUnIHgXh9h6LJWYgsFL83rHoQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 16:15:25 GMT
age: 19681
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 85729
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 85903
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 85320
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /js/_global-config-sd.82962a7b.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-16d"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJst1sphlGlj1mDu8PYP3A7U4XhoShNLd6dF4BKOPonP47T5Sm603Ip0JIuPziBMOdmCTJVCG4o7wiy6fffwdLehl1rTLOWZatJ4YaNUZIV9LKIKM5%2FD7YQ1YL0fgOMsJw66d69%2FMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476628660b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /js/sweep.380e3b87.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-d3"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8Z2G6%2BMXXuo4HazaJ9AuEL4r0BMl%2BObVVt2gpBjk4TlRmeG72JtBneECbPK6IzZ0qZFgWu9QBtVB6KfzTtDlPnQjd27oS17TYHMFMwJPZxLFPwGYhjYcRMQ%2BZziblqT1Jk6TiYjng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476648a00b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /css/sweep.4324b35b.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: text/css
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=63373
etag: W/"6384a52b-f78d"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kLsS9nM%2BabtKVkhjBc4eghdCEADczT1HagdayNY9KBlukts9lnD5YIg7ElR8hfaXboQyDtaKzxPVFDWvHKwhzgYjnVKyK0NfPxSWIlKvsZ9yd8BO%2BvPBadNClxbLWAaGMowliR5Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476638860b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /favicon.ico HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: image/x-icon
date: Mon, 28 Nov 2022 21:43:24 GMT
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
etag: W/"6384a52b-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgQTH8s3jeUpzmAmZ%2Bw5jpInNSnQqDeSOeSgCrN0RfClwt38vblsdjPMzHk4m0bYDuTuu8aVQu9EDDVSdhEqimVx5%2B83KacE0gWRrSUYVQSURlwBP1plNmL01hbwDpYcPXronNUU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164767fb0e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /sweep.html?survey_id=999901&comments=en-sweep&geo=NO&oaid=d3f003b01f6249c697e60d04d3bebc8b&s=621211165208621898&z=4533056&b=10037337&var=&campaignid=4634920&utm_campaign=&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2&rdk=rk1 HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
172.67.75.79
HTTP/2 200 OK
content-type: text/html
date: Mon, 28 Nov 2022 21:43:23 GMT
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3E2j2qPMMca9H2%2F1l%2B0Ihbj%2FWwUCaB%2FZuhOirTCS66ctY4KQfzVBmGkbOUeXleU6J6QgTBQZqt6adk0mbhPT8pK358R1Ip8tEelS5S%2Bz0ox6jDugQsj1x4r8mzJpn9baiR%2BDUS84A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771647653ecb0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /css/survey.cc3533c8.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: text/css
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=19937
etag: W/"6384a52b-4de1"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSEIywKMjkCsry2eZxtwsOgi6b%2BTGQI3jJwth%2FWA8d0DCz0Uqs9zRSlTDIDw2Pa7m%2BFOvhOAnVp1dUM95bQnyBp4GT6dQdPVDKtp%2FHrLmInKyEPYNFdcX1soghQ8UAvYmXm4LC7UDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476638810b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/each-land-config.071296a6.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=76408
etag: W/"6384a52b-12a78"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXixKNd9AZ4yDtu8z3QmdQxIRYzaZ8%2BvicIM61nkH2OHobYDvXD8YG8WoYBMPhip1BbD6hmN1UieFfI69X0s3U6kQ31rixUrcbSbxJa5pvYAGBGIx1zeOSKV6E%2FPn%2F7OZJp1zZzrdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766387b0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /js/survey.12.fe9b1a22.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=195016
etag: W/"6384a52b-2f9c8"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siz415KMoeQvfeg1Zq9nSWnq3FnGQvsUCGYBWDZRWOAbTHBpAPcYjcIAsVPkvq5Jb%2B%2FDEED82tEz5g6K0kTKv4C5KcwhWARSpAk18wQrbKIlGG7vWuDBCS4S7BEB%2B7iW0elTxxaEVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766389f0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /js/v-index.js.853023be.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-8bfc"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyMWeX3L6IdnpQ7Un7YKW7uH7JUwDHYPg4aYvPIyz3%2BabSBzga4Z%2FwWY0QQdGeMDHef%2Bt06rwoxHrpcCTuSmTVG3V8jFKYS4K6K543crZpLwKpFse%2B5%2BpncpseukMidqGf1UwwRexg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77164766286a0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /js/v-AxiosHeaders.js.01244bcf.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
etag: W/"6384a52b-b9f"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAqMaI8E%2B5BAPMQZl8wO6MB9E%2BCiZU6nejnI43wdXaOQVx180pYmcqzHe1btfd2hr9s4ZcPNtaWi54ecxYWkroaob5IyxVwdAWHJdc70ELv0YYfKicPMhlBZsaXyXOtVt0ADH0F3SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476638720b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /css/sweep_3.4d08e7dc.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
172.67.75.79
HTTP/2 200 OK
content-type: text/css
date: Mon, 28 Nov 2022 21:43:23 GMT
cf-bgj: minify
cf-polished: origSize=5486
etag: W/"6384a52b-156e"
last-modified: Mon, 28 Nov 2022 12:10:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGBEZdEzWOp7BjQHHr0TY0sRjrocN5lPdR5I21GxeFc6T2PourEmtErIYAxeL0Mj8xqChZC8CRPzjHr5nHuxdzpkG6Gp0eFo7As0pFu19Ud0UqQs2b0rd4AfrG0WulG3Dmh%2FgLpzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716476638940b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|