| sweepstakessurvey.org/sweep.html | 104.26.14.215 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 sweepstakessurvey.org/sweep.html
IP: 104.26.14.215:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 15:36:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 16:36:00 GMT
Location: https://sweepstakessurvey.org/sweep.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9Jlyq6AF93Yb51J0PNTPVGq2SPUpocIvyzAi0tSSi5SHKXpbGvt7ibKJfjRh4ohBmCil1TQNLqJs61AkouZOg1KWuBoJUPU1kSI%2BTmQ2%2F%2FVce%2F8ZUENE06NIoT%2FM%2B83CqiNbvS56A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7933fffd2c77b4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8087
Expires: Thu, 02 Feb 2023 17:50:47 GMT
Date: Thu, 02 Feb 2023 15:36:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 62de35a6c8e4efd7633fc5236b5b086f 6a92912a86dfcd0330d040cef06bef36889c76ab ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13416
Expires: Thu, 02 Feb 2023 19:19:36 GMT
Date: Thu, 02 Feb 2023 15:36:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6953
Expires: Thu, 02 Feb 2023 17:31:53 GMT
Date: Thu, 02 Feb 2023 15:36:00 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 14:43:31 GMT
content-type: application/json
age: 3149
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iScX/5LLR6cnp+RC/7CtHHeipIpePDI2tY/IYHpjYCoFmhWI4IWvnDFLOEl4laoApt7eLPMCGhY=
x-amz-request-id: X5MFRD7D049834ZC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 14:52:01 GMT
age: 2639
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 15:36:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: 95235304fc7f88d963bb479940b8c84a d2a4cfd5586d6e55567f0a0c8a3d6586657ef85c be12cff4eeefb7e12263fb62d7dce777a9e43d116c8a9536b17818c54bfca7e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 15:36:01 GMT
Server: ECS (amb/6BA8)
Content-Length: 279
|
|
| sweepstakessurvey.org/js/s-storageService.js.c2d14bf0.js | 172.67.75.79 | 200 OK | 1.2 kB |
URL: HTTP/2 sweepstakessurvey.org/js/s-storageService.js.c2d14bf0.js
IP: 172.67.75.79:0
File type: ASCII text, with very long lines (2572), with no line terminators
Hash: 6fef79ffd5321269fe783caf92243556 b3efd6b922859851ed4b400d991a9da5cb71f21a 3dfc6a0d05d632ff02d35542494173256c2541d82acb610c7c7315767c4f1c96
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/s-storageService.js.c2d14bf0.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e2a-a0c"
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdn58v0Oj%2B1vV4n2q08PZxGnGL8oD7Hs%2Bf4p3u9d3lPqTJ2KhxRm3Ip223JDpm%2FJHh25Ad%2FsNRHDwLQ6T2dxbtf6IsZbG2i%2FC919tHaA5NfNuXNz1d0cFc8sjJyQmeLgRrbqrJJEYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8ba0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17749
Expires: Thu, 02 Feb 2023 20:31:50 GMT
Date: Thu, 02 Feb 2023 15:36:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 05295a6ef6a1e08350820742ca84d4cd 829cfdfb5f40a5cf0a9b80d787d46652df0ffdec 2864347c8cafc993e298b6c80a7e34b0c49710b9e8e35af6815ef685d4efdaf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10485
Expires: Thu, 02 Feb 2023 18:30:46 GMT
Date: Thu, 02 Feb 2023 15:36:01 GMT
Connection: keep-alive
|
|
| sweepstakessurvey.org/css/sweeps-survey.2de100f7.css | 172.67.75.79 | 200 OK | 33 kB |
URL: HTTP/2 sweepstakessurvey.org/css/sweeps-survey.2de100f7.css
IP: 172.67.75.79:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: dc29a938dfe8de8266b5db3771577fb6 23b223029d1d38066091e57143204585808a5728 557157627bb06d473a6bc3ceec8ea5715a1b4b2160a88a3ff77321e3853dd048
GET /css/sweeps-survey.2de100f7.css HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=82444
etag: W/"63db9e2a-1420c"
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngFn%2FGnI6QsefL9f3TENmjghFefkVtCls1olZQ5YpfjedvbGDix8m2k2RMIOnI7e%2FnnCtXwGbRIf63vVhdbMESBHgT1tYL4IwjQK8R6J%2FnHog7uTS07x9jmqckZMHhGYtBCfcE7aSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8d00b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:0
File type: JSON data\012- , ASCII text
Hash: 85bc4bb7727b39f0857d70f050290f64 8cf173c1dd862895b9e585f843b68810487faf00 947b7e042a257f6d9697763eec407b68e05785795b4f34b9ac4072c144bfc3e5
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Cookie: ID=a743cf341ee845d9a167d090dbaec158
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a743cf341ee845d9a167d090dbaec158; expires=Fri, 02 Feb 2024 15:36:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 277 B |
IP: 93.184.220.29:0
Hash: a40d9ef33c53ffac627d022d6f86e4d1 3d503f543f87ca35785e83a4a691c3449af8a11c dcd2b4df8e1d7cb27de234b084033e691581d968bdf4d56274008e64c5d2ed73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3356
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 15:36:01 GMT
Last-Modified: Thu, 02 Feb 2023 14:40:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 277
|
|
| push.services.mozilla.com/ | 54.200.212.223 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 54.200.212.223:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ojfe5PRAq5MWFoqCHQcZ9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NYdQ3A2JUrPHYQONmHS6Zw3QjGo=
|
|
| sweepstakessurvey.org/favicon.ico | 172.67.75.79 | 200 OK | 967 B |
URL: HTTP/2 sweepstakessurvey.org/favicon.ico
IP: 172.67.75.79:0
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash: d1ca4e8ce52e702afca43e07393b3acd cef34fe6910fe26c37e721538e0cd003ff52d827 81398489c1ba9c9fbcc5585c748f5856bb2836db7deb308b922863c1ffab580d
GET /favicon.ico HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: image/x-icon
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7V5qr253YvvuDjGQ19Jt2ht4wqNXm1L%2Fro6nhw1IrqY0Wx5kkrC78Xw7pZzoWZmCPkpPw7ilXEkJfFY4hKfBB7ReC4RLyJ%2BDhrvsfGv4P5GWSipsT%2Bk%2Bn0g%2Bm8WoeRnuVni4sN5vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340003dbe50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 104.18.20.226 | 200 OK | 940 B |
URL: HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP: 104.18.20.226:0
Hash: 73ff3de8d0a2d2a8f3bb0150f822ea80 949b374f3398cbe8b1dae26ba273c04096f00eae dc0f90d32b9b442f9ec87ba5e9a6cceb676bf164d72e43e5aece37e864e6197d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 15:36:01 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:10:24 GMT
ETag: "949b374f3398cbe8b1dae26ba273c04096f00eae"
Last-Modified: Thu, 02 Feb 2023 12:10:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1664
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793400045fbdb505-OSL
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 6.7 kB |
URL: HTTP/2 cdntechone.com/stattag.js
IP: 188.114.97.1:0
File type: ASCII text, with very long lines (13087), with no line terminators
Hash: 70e3d16ff275a49052bf32e52646cb87 d0da2dc309be8744b8073605cd6dd89bce23d277 36f52f65e11ec8391628a0dca5a71b099d6b8c5cd7c09c48734a2617e03788cf
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:22 GMT
etag: W/"63adb9d2-331f"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCjoWnNFHIVuoq10hUZ2Pg8%2FPMUqLtJ0og3UJqQGom4TA1Vui%2Ft%2BdagHZe5hPNajd3Y%2Fuy1Bhn9KJ6HRw6mEY%2FcLHr7IS19aNocyclDArBkaPxr1l3TF5iTlGzKimspAQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79340003ba8afab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-1.jpg | 172.67.75.79 | 200 OK | 3.9 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-1.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data
Hash: 72c067fe856886245e7c47c7ff84e041 5210cb05f897db334c61f8971ccec9a7396ea8a7 9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030
GET /img/comments/person-sweep-1.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 3900
cf-bgj: h2pri
etag: "63db9e29-f3c"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BTq5%2FUrhIyP3mnxu4mc8D9CeEP6dmdF4gqwOthIOOPdYfPmU4Ch15bkh%2BVVd9wV5Qm4eW0Uoz%2BrWmuc5Fq%2Fi3lPY2tI5tvuwJw4brUwYwIASey054rS0PoLxzIcLux7nwbTzJAAvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340004bcb10b3d-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-2.jpg | 172.67.75.79 | 200 OK | 1.0 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-2.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash: e489d022a40ba80f51fb5acc1addea46 41c334f49c248783037ceaf6fc335acff62f760c c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567
GET /img/comments/person-sweep-2.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1042
cf-bgj: h2pri
etag: "63db9e29-412"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L44kDJSPmeengSHaZBdIrJ1O5sIMiAmTBCTRsoODYnV7q%2FITV7ttbCoha6gEjP7ZbF3lKIQ5tvSTD5hXjsuygwjpF4lPMto3QmGLK%2BZ10MLdRkLGAImJuqvMbNdBPDL8HV28eudFFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340004ccb40b3d-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-3.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-3.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash: 72ab252d8ff828965ad984b8ab16991f e45ea3665e80feb2e6309b04e1ec2e8d41bb279b c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1063
cf-bgj: h2pri
etag: "63db9e29-427"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXD3HmV1EPV%2BIKWtxQweqClnlcn0vvMsylSGx7ZtPFXKLGvWLu0Bdpj4xB9HOtPItwp2sfx6f1Wf2xLpjc%2BZVmSx%2BIY6LT74ib%2FH3tOfw9zeULDpMch%2BSOS0xkk9ozFuI6r8ApbFYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340004ccb60b3d-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-4.jpg | 172.67.75.79 | 200 OK | 3.7 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-4.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data
Hash: 02eebe83bc6786ef27b852477d4c4998 205314ba911137b6f6be4eefd946a2c62229e591 a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 3694
cf-bgj: h2pri
etag: "63db9e29-e6e"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGmq%2FFj5kySnHKfqww2xvc8UbE09USwgtsaWnKLhlId%2BXbx1OnqSMCs5k0ebNtpu3necbpj5oYuYb15IUj7z8VBE%2FCRix31n%2Bh0Oov5xB%2FSV1CmK2N7qpQz8ex2aloDbDWtYWuTRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340004ccb80b3d-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/v-_baseIsEqualDeep.js.5278aac9.js | 172.67.75.79 | 200 OK | 3.7 kB |
URL: HTTP/2 sweepstakessurvey.org/js/v-_baseIsEqualDeep.js.5278aac9.js
IP: 172.67.75.79:0
File type: ASCII text, with very long lines (719), with no line terminators
Hash: 1207dfa58d8cfac123b5c5a2f5e42715 5b83db2e0d3214e3ac250a25f46740ecf0b1f3b4 525622836ccb1aed5f75125f7530317edd8e977519a66d8ca33ddcf4f6323614
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-_baseIsEqualDeep.js.5278aac9.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-2cf"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDTFKTX3i89%2B%2BfLA1PpJR6y%2Bc%2BWsH8kta5f0eTm9zv%2FJ86QQvIMKbQ6DzK1pw4Y5fKa4rZlhOYBKfOrcdT0GLCcwu8QqpIqbuo90pOsxqphUeXa5nqAb5x9bpzVYcKH%2BPyRRlgtDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8bf0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-7.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-7.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:30:25], baseline, precision 8, 50x50, components 3\012- data
Hash: 583a669aef17441f222db5be083f3750 f869d6bf98c43f0a0a935305096fe637df202687 5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b
GET /img/comments/person-sweep-7.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 10884
cf-bgj: h2pri
etag: "63db9e29-2a84"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKeYjwHTa7BXQsxSctOZf6%2FWxV879nmL02GmFMETi4UuUBWh2W5qDTd7CTshYWkiKTNA2Z8nKIqunxAPpKJhy9dI%2F4ru6CltbhOw4gK%2Fpuwj3BF41Rqafc2iTgg6UMO1hufl4DWr6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b8eb51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/config/comments/en-sweep.json | 172.67.75.79 | 200 OK | 75 kB |
URL: HTTP/2 sweepstakessurvey.org/js/config/comments/en-sweep.json
IP: 172.67.75.79:0
File type: JSON data\012- , ASCII text
Hash: 65a5ea4389053e9cf1d1cce3baaae405 6acc3c9bf7476697e793e6bd175ea0910fd6bde6 ae30f2dfa5640bb8e336235dd8db4157c21e8e230352dec8159629a393ffdc27
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-12f9"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbCj9TxQ2Ce2B20YKo25O4yy%2BDB9tMxzYfveKA6EKph6Wvwpde2pnkBp6wsDqX6uDGrMWF0pDqFe4qbWkmco%2F2E1k%2BMpGcG7%2B0aEFfQXjy7pmxU8U5ETW9yimygGmKxTj2EKP4fs5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400038b9d0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-6.jpg | 172.67.75.79 | 200 OK | 10 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-6.jpg
IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3\012- data
Hash: eecc2c7e1efc1d69f01f47b677666cf2 c4e909b86e22612ca4c5e599c7fc7204573b1baa 92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 10400
cf-bgj: h2pri
etag: "63db9e29-28a0"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRxpJeH3V8XffLHMfqLkJ4vJFokU%2Fwhe4paZo7U852N7iDBx5okdFWEK2%2FXoZxW7qftcgEYhHW4aCdlHHBbWOULmbN5Xs7x7LkXL6xw34y6rfDnh77HmJ%2FtFXU1KARyMdvwFNaEuYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b89b51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-13.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-13.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash85059de53011f0ef712a5f4b5dd13219 481385e3fe4b3ec1fd703de246796396a33777b1 7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58
GET /img/comments/person-sweep-13.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1110
cf-bgj: h2pri
etag: "63db9e29-456"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boWp6p08F4pV7ZHX7lANx2f9WDvm40QRz3a1T9i3iGbvEYiaJ3%2BxvTMZa3u9kkVrHMRZLukiMlSRSBFvAP8%2FouyNR7QqFU6R00hfP1nLn0jlbQ2EiaTv6d0eo0Qv%2BPMHlrsseu50pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b97b51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-14.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-14.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash4248fa5ac54e7b0dfa5a791bd1dbd161 aa880bfbdca2ec69d93fd29606a64bdce6ee830c 174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8
GET /img/comments/person-sweep-14.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1146
cf-bgj: h2pri
etag: "63db9e29-47a"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P%2B6MvT7PmZd8HcQIX3fgDSYG%2BTLVO3rTONWU8OsOW3hQb%2BnB0gsRLpPOINJVETc%2BkY9G68eFsqXmmD5TxL4QSP2EGjFF4oeSe%2FOmwshWB8T3%2Beb3bQE2pXP7W2n8XbO1uP%2BXYC2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b9ab51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-8.jpg | 172.67.75.79 | 200 OK | 1.2 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-8.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashf60b9c2d018d7a29d014742ae8e36839 1b59e7eec38eb9f620256742f83ae7938ac0bb07 ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1182
cf-bgj: h2pri
etag: "63db9e29-49e"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFCSGdbeO9Ss5roZ4tgYgEMP3Y5A8CXUnd0310%2FHEe9IHkYJN03oNhvqPFOnxyXP7%2Fa%2B65Za09GWVksfQiK7j0Ecn68IxFPzgACWik2OefUqu0kmb1kuo2Z%2BSai%2FOfz%2Fc8QBwlzPSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b91b51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/v-_equalByTag.js.b5f56871.js | 172.67.75.79 | 200 OK | 11 kB |
URL HTTP/2sweepstakessurvey.org/js/v-_equalByTag.js.b5f56871.js IP172.67.75.79:0
File typeASCII text, with very long lines (934), with no line terminators Hashb8cb124a25e80c4e5273a883450cf656 7eb42d658c9ace711ad7c63a8f8cacc468932854 d8aea77816accd5922a8885dcb968139e1a91560ead821bdc4de58fedfc98ce1
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-_equalByTag.js.b5f56871.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-3a6"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nd5NL%2F567u93W3QiIlh8NA4jxWVCGfClspMZpgGh4430xX185Zg%2F0%2BwtWqrLDKXsn8Pz2tSjQ4tAknmo9r%2BuZt34pZehnYJpkoV1fPwPS1Ml%2FHHFngbWgbLpJ1O4dOg8HBOpmWtgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8be0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-12.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-12.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data Hash85b4e587433a60e7d3e98b1ef93a71f8 c4c8600ce8a5be2640aacbac866bf8b1f8192f26 65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 11188
cf-bgj: h2pri
etag: "63db9e29-2bb4"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnC3%2BUoY%2B%2FMn%2Bd%2F%2FSsz%2F9t8U87IcQ1M%2FxUpXvE9eAEq3k%2FE5YmwAMvNYMSgthJMwVuABKXd338Wf%2FU%2Fu0%2FAtfjFetmopYl4Xs6FXhkSOM5%2FiYcR3%2B1rFb2KyI4%2F8EeETM%2BF9LCASDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b96b51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/sweep/tokens10k.png | 172.67.75.79 | 200 OK | 67 kB |
URL HTTP/2sweepstakessurvey.org/img/sweep/tokens10k.png IP172.67.75.79:0
File typePNG image data, 480 x 500, 8-bit colormap, non-interlaced\012- data Hash7226e7c7102de83aea128e7417e87779 1777a0c66bd17c26c4da8462efa8975342581a4d 2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36
GET /img/sweep/tokens10k.png HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/png
content-length: 66622
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-1043e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SsK5KI7VhWF9dLAXcD4KJWYS3KPNTPKEM0wvHvkeFmiZWc%2B1D60qRSE3nHUEN4jpjINlAB%2FAO1d5MOgnAVICL0SIdGTi%2FZor1vNkoqDh83NDWk7l1GwCUtvHeiw7Ov76ClTnr%2Fk4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400044c5a0b3d-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash1256fdd4da71b825a1e9c46e3c756d9f c2660abd47c71ceaec6012f9479299b4519201d4 128ecb38026476098b0316fad2927d5e8df5f6265ac5554ff6009c8b85a32985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 15:36:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 05:19:52 GMT
Expires: Thu, 09 Feb 2023 05:19:51 GMT
Etag: "c2660abd47c71ceaec6012f9479299b4519201d4"
Cache-Control: max-age=567228,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79340004f967b523-OSL
|
|
| sweepstakessurvey.org/img/comments/person-sweep-9.jpg | 172.67.75.79 | 200 OK | 12 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-9.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:23], baseline, precision 8, 50x50, components 3\012- data Hashf950070b2582c8f9202b5d084e91905f 7154a29bb2ecd778435943cf02c88fb9b0a86183 ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e
GET /img/comments/person-sweep-9.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 11871
cf-bgj: h2pri
etag: "63db9e29-2e5f"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xit%2FQKr5GH%2FvB62Z28%2F4MR9KYS%2BLmQxB7pW18rSnDsY8Qd7weeRUp4wXJWzOMaW9YzsO3L7pNfa2luykWBnBuRY0Y%2BJl2kZf9kbyqAcTzJt3trGYWu3Vv4owBkcgeFnAcoiLG73NCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b92b51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-15.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-15.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashca57a3f68e171ebeb7798679d5fb79ca 688e6a4ffeeae81c9e970e03081de1fe26afac9a f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a
GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1067
cf-bgj: h2pri
etag: "63db9e29-42b"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjNU3%2FkrAQC9fAkbb%2BAg0f3TBwNlrH8vHtkPjpqeGdTqAE9jrDzn4phlLJRUtz1w%2BS3wD5kTmAVw5ulMysfgLRGT53V8S5TfDUgvzxRb8Pq1uVvt9IdNQ4cN%2BOCUpqg7KtFxQ28WWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b9db51e-OSL
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/v-react-dom.production.min.js.46734935.js | 172.67.75.79 | 200 OK | 53 kB |
URL HTTP/2sweepstakessurvey.org/js/v-react-dom.production.min.js.46734935.js IP172.67.75.79:0
File typeASCII text, with very long lines (65536), with no line terminators Hashf728335b989ecb06d38472b5ab1d7272 b5d02458c3a015edff09ca763f1a3c4b4ac62011 cdb46acc7abc8a38db8bb0aaf6a9041e3074e8df06e762bc8837e828e70c9691
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-react-dom.production.min.js.46734935.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e2a-1f8c5"
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l53FHA72Gh2me6M2bXfajdLItPq%2FzONj9q5xuhmnPDUaApshBbDw7TleTIO2g1CnXROdNsCrN3%2Bcy%2F7lk%2BLZVfKVfcgXzf3WnQorfa2LftVi6yYQP7fp%2BvismHaXHoTen7IWkNQnbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8c20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-16.jpg | 172.67.75.79 | 200 OK | 1.2 kB |
URL HTTP/2sweepstakessurvey.org/img/comments/person-sweep-16.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash9574e9e3f629fc4cc0f470f678a232ca 89412a05077b4eaa423f7790bd5fb4ee3efc84eb 15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 1208
cf-bgj: h2pri
etag: "63db9e29-4b8"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy0PkrqJNqtIP9lTfLgw145m2bZH%2BROGTRTwX%2FImUyjGv7Oqf7rAj%2FO9YRbKQBbVwrwYmoagjoirIrOll3JQQvjatEN1CWCV0Vv6vhMXFFgglRu3%2FrEowBoEAUDiEnlqdBMhnOdkpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b9eb51e-OSL
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a | 139.45.195.253 | 200 OK | 12 B |
URL HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a IP139.45.195.253:0
File typeJSON data\012- , ASCII text, with no line terminators Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 02 Feb 2023 15:36:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sweepstakessurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| mc.yandex.ru/metrika/advert.gif | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Thu, 02 Feb 2023 16:36:02 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 | 77.88.21.119 | 200 OK | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 IP77.88.21.119:0
File typeJSON data\012- , ASCII text, with very long lines (400), with no line terminators Hashb84320b7bfe4173bd5e7b1e3705c0fdc f5819adacad975e24eafe65bc0bfb5a16e4865f7 8c275f3cbdc7748b973881693d097872b4842aa1aa2f39ed0a0831e46c8a26f7
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 02 Feb 2023 15:36:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A207347624%3Arqn%3A3%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A207347624%3Arqn%3A3%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A207347624%3Arqn%3A3%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) | 77.88.21.119 | 302 Found | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153628%3Aet%3A1675352189%3Ac%3A1%3Arn%3A812852528%3Arqn%3A1%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C80%2C1%2C%2C0%2C%2C119%2C2%2C%2C%2C%2C329%3Aco%3A0%3Ans%3A1675352188242%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
set-cookie: yabs-sid=706673551675352162; Path=/; SameSite=None; Secure
i=RwwHzPajgCO+wxtZ0lYLejwmFSIIIJlK13UQaI1bbc264UpmkO9ch6DeHIgrPGFh4uiZaArq0o+mixk/tHJXqrGtINs=; Expires=Sun, 30-Jan-2033 15:35:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6930826881675352162; Expires=Fri, 02-Feb-2024 15:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6930826881675352162; Expires=Fri, 02-Feb-2024 15:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706888162.yc.1675352162#1706888162.yrts.1675352162#1706888162.yrtsi.1675352162; Expires=Fri, 02-Feb-2024 15:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A933552001%3Arqn%3A2%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C774%2C774%2C0%2C%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A933552001%3Arqn%3A2%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C774%2C774%2C0%2C%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A933552001%3Arqn%3A2%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C774%2C774%2C0%2C%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A972722327%3Arqn%3A5%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A972722327%3Arqn%3A5%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A972722327%3Arqn%3A5%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A441614902%3Arqn%3A6%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A441614902%3Arqn%3A6%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A441614902%3Arqn%3A6%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A338907488%3Arqn%3A7%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A338907488%3Arqn%3A7%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675352162_f7e55938eee3cef96f66baff342fe1e55ca3d4892bc0853af27e7a0475372743&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467654282250%3Ahid%3A934258160%3Az%3A0%3Ai%3A20230202153629%3Aet%3A1675352189%3Ac%3A1%3Arn%3A338907488%3Arqn%3A7%3Au%3A16753521891070910665%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675352188242%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675352189%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 15:36:02 GMT
access-control-allow-origin: https://sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 15:36:02 GMT
last-modified: Thu, 02-Feb-2023 15:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14860
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 15:36:03 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash395bb0f71f9eba82f5ca23548d08900f b1fada280c7ea3eb775a6fa46ce173a51eb045f5 7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 63492
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4392f298c9e98515493f1235810838f b89eebf2b8adac69487262100b07da8bc171ecf7 b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: c32afc98-7764-432a-8f5b-96d3e7cda49b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsGGCHjeoAMFWaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db1d59-467198bd54922de073d17e62;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 02:18:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sQg8cF89OT04hnqaTaYSmBMseq89yB4qeX1DTwupQ2qavx7pO0DCAg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 11:25:31 GMT
age: 15032
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 7c823f1d6bf1c50d58eb263b85e6e37c a7b74d11494fb3254df907e5cc1eead070d84617 b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 62065
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/img/comments/person-sweep-5.jpg | 172.67.75.79 | 200 OK | 15 kB |
URL: HTTP/2 sweepstakessurvey.org/img/comments/person-sweep-5.jpg IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 6bb5b89e738516f4862491eec286bf6d 8fb46b9ca85f2c578eb2a56d0007859183e12209 7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /img/comments/person-sweep-5.jpg HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:02 GMT
content-type: image/jpeg
content-length: 3268
cf-bgj: h2pri
etag: "63db9e29-cc4"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk%2BfFFintpaabCqUdeOl80NipbabK0rLGq%2BdMCHwR9ueDDnPvJj0itRI2X2seNm0LNc1uCAXo%2BnjRVvD0xC%2FBuK26QcrrhcN2%2BihoEGvYE2%2FQ4Sb%2Br2YO%2F0MbC6%2B3jQGkMY%2B8pGJPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793400050b85b51e-OSL
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 0224e848c34cb32cf932ed99dfd8468a 31c1abac8979bca5a998a6649ca3e6f59c0fb2f5 f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: e8e96b85-5b24-48b4-bea3-6c1b93c55ca1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGf3oAMFj1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-558cb5ec6f31497d284518be;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AeFT9dVmzOw8800DKN7VouWS3HGHRYp64On9sF62J-aOK_OGtvAa7w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:52 GMT
age: 62591
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: df4a4906103a8f409c066b1cded71384 22847e3926db3e3d5f6b529297a4abe8b377c3a6 84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 62065
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/sweeps-survey.9f607bfa.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/sweeps-survey.9f607bfa.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/sweeps-survey.9f607bfa.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-20a"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si9XHqu7zY7vYaOCaB69X6uk2fTqRMRU0i1FjbOvEcC5LsR%2F5HRDOKxhNcEnjCoivZR1ZjCeYBiYC22FsVgcXAtHqJnS7rvUYCK9gdWAC6Z54LrLbQRqy5yeNOswt5Dqu6SSWVdUdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8cf0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/sweep.html | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/sweep.html IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweep.html HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: text/html
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN0lBLB0kCXzJfhb7pIURGK2Os3OawYeHjdwzfKKOfUfaL2B9AoJbFEyfkxpWUSIOJCFerJbdwLqc%2Bu5Qw86uJLRZsr1NM76nQbGELD9m%2FNcQ8ZgMOFHQSXqOrR4apnn3lykU4tgKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7933ffff8f6b0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/_global-config-sd.fac48b69.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/_global-config-sd.fac48b69.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/_global-config-sd.fac48b69.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-3c4"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le9H8D%2FTzGIzekM2F8u9jMbXTmODREoAitbi6Pr2mc4FI8yYbeIHzecl5Jq1u3g%2BHb84v0e7wT8Eoa%2B9gCZ1laGNMpYWwg%2BBtcFoEGCsvug9qFbJy0DbmmwrmYS5oKhYbkHB9libEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000a8b20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/_each-land-config.08c6454a.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/_each-land-config.08c6454a.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/_each-land-config.08c6454a.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-a2d7"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFlC0%2FUVBHhPsoFlItSnGZhKggzQd1lKNpFmam%2FRWnMam99X6c2UcImq1AzC%2FSxfuvj2SZ3V3544BpNr82b32gCPHAOwtMokShtVAxqbR%2BM%2FeXmz6TTw4%2F5ikFnQX3h1tqVOBrzOMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8bb0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/_is-browser-supported.caa18280.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/_is-browser-supported.caa18280.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/_is-browser-supported.caa18280.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e2a-3ee"
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVTBdctvbMOYb0PKMlfZkqlg2FfMflNszPS%2FzErBO9UEN%2BVYn0ZkOGVFpRgQO62O7LB3maTCvtxdY668btz48BF4NKiXGsv2Ox%2BDR1oFBjduXZbjyBrCv1BjhvTnOIKMQ%2BaidndL0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000a8af0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/_rtc.30a54484.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/_rtc.30a54484.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/_rtc.30a54484.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-2bb5"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5i41fhVnzOPjDgepNoG651QRPeSPQE3%2Ba%2BgnM7R97YgxgtbJHIjVFQde45N76XR5AnrpgF0MeDdO8AmqniY7WUVob9btM6MYJWiSG6JK3WvcXSUKOWKTl5jX80GnIDZeuQb7XS0cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8b60b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/v-index.js.6b4da208.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/v-index.js.6b4da208.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/v-index.js.6b4da208.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-8987"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMBD%2BK%2BLZQXe%2BKPaecfi4dXrhlzyBHTqHMxzNOciIK%2BlCxp1dJk4jiIygvHm2a88HbCxjhklGS2dfcepIMM2c5p0eZsvhRLw%2BKih0VVxzY7Kdh%2FlsAkqd%2Bs48hxnACz4RBngx6m0Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8bd0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/v-redux-toolkit.esm.js.6f0811f7.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/v-redux-toolkit.esm.js.6f0811f7.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/v-redux-toolkit.esm.js.6f0811f7.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-289c"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phFO3gTnYh8D8pzzLyIwH42T4q96IDXISPiC2OPxbGLiY1%2BG1UXrYut%2FakcMcHTLB%2B04CDRT01%2Fz9Iy6S0E6IIODBYdFqWtQHlhCeUCK0UqWNNkjidhNkjAaiXY8ANjzh19KRQWhQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8c50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sweepstakessurvey.org/js/_core-survey.71983b0a.js | 172.67.75.79 | 200 OK | 0 B |
URL: HTTP/2 sweepstakessurvey.org/js/_core-survey.71983b0a.js IP: 172.67.75.79:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/_core-survey.71983b0a.js HTTP/1.1
Host: sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 15:36:01 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e2a-2e109"
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bW15%2FBQIegLA3gc0TU%2FTzD6BfOgDkvZiZmIXu4omlaMBJv7LM8p6CnSgTmCAAhDl%2FO%2B4fxe1u81HvCjrhFaZUqOyEnArQnoSvFnh9dB3QjxacBqpoZ1a9p7%2BsqkvXnlVge3xmE4LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79340000b8c90b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|