| p12.sweepstakessurvey.org/sweep.html | 104.26.15.215 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 p12.sweepstakessurvey.org/sweep.html | IP: 104.26.15.215:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sweep.html HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 01:50:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 02:50:51 GMT
Location: https://p12.sweepstakessurvey.org/sweep.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2ByFxxGkBlDndo8JW5RJSwS0gtu0t9ikWoTpMMlFi0r9Js80MIS9Gkicz%2BYa5%2Bsoz26qXEb0fmI%2FmWSlxTlXxlbVKukm%2BMD1RvI69MnwfVqKZ3Yvdm%2BCcXXs4sHwx6by0Ivmb0D0AEm67hU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776a17a44fcfb509-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 f2acd891dc6eb1f09f57a2b086791781 | SHA-1 1e2088306501a61edcca1ade62c4d54f23b3b083 | SHA-256 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3040
Expires: Fri, 09 Dec 2022 02:41:31 GMT
Date: Fri, 09 Dec 2022 01:50:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 aea93551fa9deb76ae49a3b4019d64fe | SHA-1 e3b8862057ebe839959228e42246d7b1807fc90c | SHA-256 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12596
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 01:50:51 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: MD5 14cd9a0afb6ba9a763651d5112760d1e | SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa | SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 01:08:16 GMT
content-type: application/json
age: 2555
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 4ee537977be9c03702f8ffe0025bf1fe | SHA-1 21637881c4aa34c4add703f8bff4eff573159f45 | SHA-256 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12261
Expires: Fri, 09 Dec 2022 05:15:12 GMT
Date: Fri, 09 Dec 2022 01:50:51 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: MD5 53341dea33f4f3d9b4966f80589f429a | SHA-1 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d | SHA-256 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NxZA9Rp3HflhZQS6r98zZIDapIfo3/dDJYzrC12aI5h7JdAoohezwwFbzbBcNaurrqMXZDvrKcM=
x-amz-request-id: MS7QRSQT4RTV08KS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 01:48:08 GMT
age: 163
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6 | SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce | SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 01:50:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: MD5 c5aafe0783224a85ab3fc3a3ed72feea | SHA-1 64d82f7c5e210ac619fd1ed359b9aeddc28fb7f1 | SHA-256 733c56af987a219be6c59a59b6d009b156a06b3ff67a84334c1b6b2d1fedc54a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 01:50:51 GMT
Etag: "63909146-117"
Server: ECS (amb/6BB5)
Content-Length: 279
|
|
| p12.sweepstakessurvey.org/js/v-utils.js.d156afc7.js | 172.67.75.79 | 200 OK | 3.8 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/js/v-utils.js.d156afc7.js | IP: 172.67.75.79:0
File type: ASCII text, with very long lines (8634), with no line terminators
Hash: MD5 f26ed79c457c01d7b5f75c5576d1457a | SHA-1 1189e8f3c5a0d86f1ef1215068f989fecc221fc8 | SHA-256 05dd4f8bd91d5ef1d213cb6f70bd9b7ef0967c37a5d8e46c9f7d9dae4bfe34d5
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/v-utils.js.d156afc7.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-21ba"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGU%2BL8u7Cw8tVXRUY9vOHmeR6Xw83wcY5w6n9oQR6za44lLR7CLmmbUd6oOFqBdiy7bfj%2FtiTwP4Ert3vfJizUZYkcnAPR4pYORkPevM8V2jo8DLJ1s7hC4ggEB6C0n43hfSv9Yy%2BdIQiaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c97b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 fd55f4aaaab6ec40bc7dc10252cd819a | SHA-1 a72523f60be265a391fa9edc43e0a93418ad1fd0 | SHA-256 bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2908
Cache-Control: max-age=115468
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 01:50:52 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:55:20 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 acea7cb44141792f5d84b0c9ab8c57e4 | SHA-1 69f1e46739200324bd891063d17c7a7083f313b7 | SHA-256 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11796
Expires: Fri, 09 Dec 2022 05:07:28 GMT
Date: Fri, 09 Dec 2022 01:50:52 GMT
Connection: keep-alive
|
|
| p12.sweepstakessurvey.org/js/v-react-dom.production.min.js.088acd9e.js | 172.67.75.79 | 200 OK | 42 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/js/v-react-dom.production.min.js.088acd9e.js | IP: 172.67.75.79:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 ed33280e072ecbe2eae7996e476307c1 | SHA-1 d729b01d996d89eec89a9bbaa795a5bd92ff0196 | SHA-256 232087d4849d7a42b7d022f8d9b8f8846c837814cc036cc51c951e86ba09b848
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/v-react-dom.production.min.js.088acd9e.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-1f8c5"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNE%2FfJSuVfDmg9K9vbTcOtfrH37jTwXyHmBUQEuXvKogg6Oxv6QDRWj5LoctFaWVODLGJ%2BC92jT9lP96vbLVf0GEy9zx71IDGRJPSeFSYS3YcjepEJRhWAOozraPC%2BAoFdXNxznDPR2c72Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83ca2b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 e4a72671d5c3ae752457fcdc8557f16a | SHA-1 25c065ec082e3d583d3da74f504151a0087aa680 | SHA-256 3e24934ded9de5f17ff3306ead3a6c5088ea6f4aec5a8fbb9b1afb9df971fbc3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E24934DED9DE5F17FF3306EAD3A6C5088EA6F4AEC5A8FBB9B1AFB9DF971FBC3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2033
Expires: Fri, 09 Dec 2022 02:24:45 GMT
Date: Fri, 09 Dec 2022 01:50:52 GMT
Connection: keep-alive
|
|
| p12.sweepstakessurvey.org/img/comments/unnamed.jpg | 172.67.75.79 | 200 OK | 1.4 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/unnamed.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3; data
Hash: MD5 449aaf5a54e3fe3aa4f0f5875bede090 | SHA-1 b2b897362626700277b7f8baca8b1f292d08b7e5 | SHA-256 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-562"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3GsqK0FS2I2AhDO9kDDE9LqHshoVY61gIkBJS%2BzVqnhyYau53JsNXujWLC53zX5bvzgI8CeFlCnEJ0PksV2yT%2FGWq%2F1KEYYQXCtpuI8VPmaA9dFyfwFhT1ojtlDfJgZhuRPnQMiINfiRPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee4ab515-OSL
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 e4a72671d5c3ae752457fcdc8557f16a | SHA-1 25c065ec082e3d583d3da74f504151a0087aa680 | SHA-256 3e24934ded9de5f17ff3306ead3a6c5088ea6f4aec5a8fbb9b1afb9df971fbc3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E24934DED9DE5F17FF3306EAD3A6C5088EA6F4AEC5A8FBB9B1AFB9DF971FBC3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3398
Expires: Fri, 09 Dec 2022 02:47:30 GMT
Date: Fri, 09 Dec 2022 01:50:52 GMT
Connection: keep-alive
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-6.jpg | 172.67.75.79 | 200 OK | 10 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-6.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3; data
Hash: MD5 eecc2c7e1efc1d69f01f47b677666cf2 | SHA-1 c4e909b86e22612ca4c5e599c7fc7204573b1baa | SHA-256 92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 10400
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-28a0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXp1G5Vm33%2F56NCnCFiJ18d%2ByagLz2%2F%2F2z%2F%2BIK3r%2Fb7ukJnWzfuUTj8%2B4NCxDJIVsytuTODBift96EoTW8mZt9SfF9SOxYgwDk74Q3d%2F1bDcUTL5dOHbocl7dpgR8BhLlheT7zAViOghrpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee52b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-10.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-10.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:33:44], baseline, precision 8, 50x50, components 3; data
Hash: MD5 2f7d5d907d9e6d0250afbdbeb7f3cb0c | SHA-1 136703751a36b76b1fe599930ec855f90fde9f23 | SHA-256 271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1
GET /img/comments/person-sweep-10.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 10828
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-2a4c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGhBnaCUb0jxBLnwpL1l5qC5aFOlC1JpKqU7MLIchu3H27RwGNb36UOb060KlQQ96S9p4QJTbiMrconZlDYyqYvm3DvwiyMVoPWZ5FKA6p4YTapyczLVS93bP1tBw3yQOKcG%2BVuKBjczSQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abfe56b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10 | 172.67.75.79 | 200 OK | 3.6 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/js/config/dict/cookie-consent-1.json?v=10 | IP: 172.67.75.79:0
File type: JSON data; HTML document, Unicode text, UTF-8 text
Hash: MD5 a008d26491c0067fc7cc841e333ce56a | SHA-1 5aa15df71a45eaf66b5b212c0b4ef28ef1d20d5f | SHA-256 9844e43e48b5b4d21a0d45892d7cb42c02f8d929a182f8c621b065eb69c042e9
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/json
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHH%2BZ5GNNpJN6mG%2BoC96hvSlr4LPki0hHWTvFAP6vDaJ3OQTqnPYQy5ldv5XgV3nuxPTurKTZdbys2Xekl2rkAyEbpZGsR4WrPT2YlVxwinNw%2Ft7KcIitHLGDtDKywSaUjLaXE8e%2Fp5ACLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ab4e0ab515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/v-_equalByTag.js.34ccca25.js | 172.67.75.79 | 200 OK | 12 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/js/v-_equalByTag.js.34ccca25.js | IP: 172.67.75.79:0
File type: ASCII text, with very long lines (935), with no line terminators
Hash: MD5 d02444bee0b46b641803ba8dd3dab648 | SHA-1 732cc685c1e3d36a596f2885866c6aab6179f669 | SHA-256 f423a6e694ebb55799b0536730b2589c448780c2c9a1c84ff0ea31bb91ffe67f
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/v-_equalByTag.js.34ccca25.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-3a7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd9ZYxhhmjE0OKnOCKDSumQfkGTEGtoHYXo%2BsVswNg8fcJwL24RFeemVh4wZOVeIspIKzNyRCvINtPne1LDEV5zfeViYQe3UfNe256fah%2FDnXmPmHzWRSz3vZBxm%2Fi1C1gtsHVMwFdzZSKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83ca0b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-14.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-14.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3; data
Hash: MD5 4248fa5ac54e7b0dfa5a791bd1dbd161 | SHA-1 aa880bfbdca2ec69d93fd29606a64bdce6ee830c | SHA-256 174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8
GET /img/comments/person-sweep-14.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1146
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-47a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7x%2FVcKJhhvNbeU0qyXu40WWct4OSkenJb1eKUxiqUK%2FqU3ntTZlLU1DacCGrsR1547yoc%2FMWgOFX9gYMUIuNyZGsqXCd6zjhnMhWULJQ%2FcYF%2BuhmwqFNjfz9ghDgRnDaYGQRyj0q4y8ZYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abfe5cb515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-5.jpg | 172.67.75.79 | 200 OK | 3.3 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-5.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3; data
Hash: MD5 92c40a962aa579868b64b8b7f1b6575c | SHA-1 f676f1ce463a7b0b7b2c05587a9b52285e55e679 | SHA-256 64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414
GET /img/comments/person-sweep-5.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 3268
cf-bgj: h2pri
etag: "63920b4f-cc4"
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic7Di1uxQu9vU2oYFe1yHoOb12d4%2FovJKzmwiY%2B78WES3hzNzF2soC0PHhR%2BskV5d%2FIkTv3TK1%2BBj%2FqegNqQEbqTm0bqwgd7ViWdpE33Qh%2BLljv7znW27MZZBG86nyWsSdrFG0oMKKIAJqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee51b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-3.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-3.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3; data
Hash: MD5 72ab252d8ff828965ad984b8ab16991f | SHA-1 e45ea3665e80feb2e6309b04e1ec2e8d41bb279b | SHA-256 c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1063
cf-bgj: h2pri
etag: "63920b4f-427"
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jmpzIbctRe75pz8aYktFEFWcBmQaSJf3uK5NagUIBWZbk0NhqdWHKFwZjJGwNkT3Sa4oi4Wh5bofPBgE9PsKEKDSV0lB7T5qOOAa7gN3dj6WXhliCKue2kZNs%2BlAcXXEmLLIKwnYfY14d4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee4eb515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-7.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-7.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:30:25], baseline, precision 8, 50x50, components 3; data
Hash: MD5 583a669aef17441f222db5be083f3750 | SHA-1 f869d6bf98c43f0a0a935305096fe637df202687 | SHA-256 5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b
GET /img/comments/person-sweep-7.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 10884
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-2a84"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmmrmrCVUL4bjxx7MxdEA9PtH8RPnvC55m2TQGystotjgjrYEk565abAKmyCQDNrCRIJmAJ9J30NNjV6jz7yrsjieTHMFo%2F%2BV2d7sV7cm08qIQBOLKr8zZ%2FXwxNhJpFOv5XoqUIbbh6XM2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee53b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-4.jpg | 172.67.75.79 | 200 OK | 3.7 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-4.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3; data
Hash: MD5 02eebe83bc6786ef27b852477d4c4998 | SHA-1 205314ba911137b6f6be4eefd946a2c62229e591 | SHA-256 a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 3694
cf-bgj: h2pri
etag: "63920b4f-e6e"
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCfZOBXnmQMnlI%2BP%2FBkISoElIHumLkcpKhJozYzhb%2FEPvhKxop8qM0GdTxe0R4VVtkKjFFUwtKou2Ab0e51Q9neHiFB9y%2Ba349VU0XaxhfFCpWcIDnU6IzuovzD5EKEbTwUIeLPo87j29%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee50b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-8.jpg | 172.67.75.79 | 200 OK | 1.2 kB |
URL: HTTP/2 p12.sweepstakessurvey.org/img/comments/person-sweep-8.jpg | IP: 172.67.75.79:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3; data
Hash: MD5 f60b9c2d018d7a29d014742ae8e36839 | SHA-1 1b59e7eec38eb9f620256742f83ae7938ac0bb07 | SHA-256 ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1182
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-49e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYxzbAIX7xaA3E9ht3QHDz1pWn6cjZ0z0Mpz9CPuKBPfoZAwuNRni%2F2VUGSn5DufD88gPDPOKPt1RwSjL%2Fc53HrIgFNnIWQv%2BbisueWzosJQ6z9WjBFb5PHUOxRVuf4gFhbhreBYF%2Fy%2Bi4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abfe54b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-12.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/comments/person-sweep-12.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data Hash85b4e587433a60e7d3e98b1ef93a71f8 c4c8600ce8a5be2640aacbac866bf8b1f8192f26 65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 11188
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-2bb4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjgKefKhNNldat6LixWsPfeHD8YtCwQG%2FvuyuaEN3GYeHfW5bkrmnBMRGOXN5j%2Fht4pnejio%2BA2N8X75XvKohx8GAeCPHQ2wOpgAddLoo2AKLLAeePgWA%2Fx1lNq3Du35AWrXumskCbXeoYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abfe59b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/v-_baseIsEqualDeep.js.eabb141c.js | 172.67.75.79 | 200 OK | 3.7 kB |
URL HTTP/2p12.sweepstakessurvey.org/js/v-_baseIsEqualDeep.js.eabb141c.js IP172.67.75.79:0
File typeASCII text, with very long lines (720), with no line terminators Hash1f65295d532163f6c63c2a184bf01e02 827ff52eaf3cdfe6aace1118f7038455c6dec869 9ae1f21cb035b7246d9604e0a7eb321ae62368e77625473dfe73a701c65192b9
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-_baseIsEqualDeep.js.eabb141c.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-2d0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRQt4H7vzEkZNuBAzeHlhb3S6cNzSCL6cIjCScuyaep626Y7ZI9e38kui5nR3C%2BWx%2BBukQ8sDt%2Fgd0zLms6KttGjO%2Fy55t%2BGxkqA%2FNIWPJtZyxixuHOXZz0OGVEchV6nijNOODzpRkpWyNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83ca1b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-16.jpg | 172.67.75.79 | 200 OK | 1.2 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/comments/person-sweep-16.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash9574e9e3f629fc4cc0f470f678a232ca 89412a05077b4eaa423f7790bd5fb4ee3efc84eb 15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1208
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-4b8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=102UttlzWyTJUxTta1mSMUEHkXpfQ7OwMmF1soHNU6aqYhQL59dwvqQyu1RxGGByOQpTKqfUIdj2%2BgbJ888Ggk%2F08%2F3T1RVs478TXE3aoNzA1GjJk%2BnwRN42JPC1Ecb4JuSFtbjUOC730sU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ac0e61b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-11.jpg | 172.67.75.79 | 200 OK | 11 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/comments/person-sweep-11.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:58], baseline, precision 8, 50x50, components 3\012- data Hashe33f2bea60761c8f1c4cf8648839692a 14a8b54006c419c85842d96a8a4aeb837f5a0a5e 9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951
GET /img/comments/person-sweep-11.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 10636
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-298c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqQL3ehpJf6tbgXWn5jzIyQHaD28RLlzBj%2FeXjrnJ0LzXJE6X3CaJUw267d7ejll1%2BxamU5zGOpnYcTbTQwA32OM5YDgOD8mZiOiK8o1DJdKFGvRgFd2l3yDsKw0r81Z3jVsWAvM%2FcIbFQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abfe57b515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-15.jpg | 172.67.75.79 | 200 OK | 1.1 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/comments/person-sweep-15.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashca57a3f68e171ebeb7798679d5fb79ca 688e6a4ffeeae81c9e970e03081de1fe26afac9a f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a
GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 1067
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-42b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8qCvF7AlF6%2Fr1NHH77t1D0SM7sqRNeBNCe%2FFGqe5%2BLwEIHl%2BDCOuiUnmZ6qjaC%2FWRu8dsUVvb2eu2rlrODO%2FYgH2QDcFWiN%2BMS13eVfWG4o8gqhGveP16WWBOgFNoZSprv%2ButbUSCDA1JU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ac0e5eb515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/comments/person-sweep-1.jpg | 172.67.75.79 | 200 OK | 3.9 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/comments/person-sweep-1.jpg IP172.67.75.79:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data Hash72c067fe856886245e7c47c7ff84e041 5210cb05f897db334c61f8971ccec9a7396ea8a7 9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030
GET /img/comments/person-sweep-1.jpg HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/jpeg
content-length: 3900
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-f3c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOlTKAkqBs7MuFjZn%2FxBajmqnUkb2ytPpvQaEMHROpPRFk%2FpNd%2FJ7vNnMUd6d8n9Nf5SehVfSbxpciFu9YvM9AAYMoTwqV%2FIv1bO3%2BpnEnevXn2NyvO6EW8lsWPE043vJPOgO6PhGq1Rv3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17abee4bb515-OSL
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/img/sweep/tokens10k.png | 172.67.75.79 | 200 OK | 67 kB |
URL HTTP/2p12.sweepstakessurvey.org/img/sweep/tokens10k.png IP172.67.75.79:0
File typePNG image data, 480 x 500, 8-bit colormap, non-interlaced\012- data Hash7226e7c7102de83aea128e7417e87779 1777a0c66bd17c26c4da8462efa8975342581a4d 2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36
GET /img/sweep/tokens10k.png HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: image/png
content-length: 66622
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: "63920b4f-1043e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjiqyPA031VnO199WtGBOj6r5djXheU71to4JEgaA0ukOQCGRBYT%2B0A2V7inVHnGhOADJWBXtBbMO2Jd5x3luaCaQbUNlkkCxUdXfHVTlZNO%2B5I9CMD6R5qMrQSK8LgnJE6aRvOXFKC%2B4tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ac0e64b515-OSL
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.155.171.116 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.155.171.116:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NH5je52hbx49Q6sEu1pQMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t3G+A4bMiupMoVeFRFrAO+mTvz0=
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hashf93fe0c44e63867b7f8553c1ca73460e e664d98cd9803e5f179af596d8a2f50d79fc92b0 dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 01:50:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=343941,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a17ad3febb50c-OSL
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a | 139.45.195.253 | 200 OK | 12 B |
URL HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a IP139.45.195.253:0
File typeJSON data\012- , ASCII text, with no line terminators Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 904
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Dec 2022 01:50:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://p12.sweepstakessurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 151.101.194.133 | 200 OK | 939 B |
URL HTTP/1.1ocsp.globalsign.com/gseccovsslca2018 IP151.101.194.133:0
Hash7871636598949d6675770d533d77ee44 7ab72c265b5e4572ee53d378734d8296e28d8978 e643587ab52b4e4631f47209d3a27e2530ccff3e0638f1751919ed4b30b1bc7c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 939
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 12 Dec 2022 23:59:17 GMT
ETag: "7ab72c265b5e4572ee53d378734d8296e28d8978"
Last-Modified: Thu, 08 Dec 2022 23:59:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 01:50:53 GMT
Age: 2738
X-Served-By: cache-qpg1244-QPG, cache-bma1679-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 133
X-Timer: S1670550653.151119,VS0,VE0
|
|
| mc.yandex.ru/metrika/tag.js | 87.250.250.119 | 200 OK | 74 kB |
URL HTTP/2mc.yandex.ru/metrika/tag.js IP87.250.250.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (598) Hashfb08b4dcffe04b350ba8e7ab80a999a1 dae801d33784397b3ff8fec4b8e7682c4baecea9 62bc4d320a556ec3c63dca1ce47d9e55a2bc15c4eef472f15e5adfb5fd451ad6
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73711
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: *
etag: "6391b12a-11fef"
expires: Fri, 09 Dec 2022 02:50:53 GMT
last-modified: Thu, 08 Dec 2022 12:40:58 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 87.250.250.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: *
etag: "6391b12a-2b"
expires: Fri, 09 Dec 2022 02:50:53 GMT
accept-ranges: bytes
last-modified: Thu, 08 Dec 2022 12:40:58 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 | 87.250.250.119 | 200 OK | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 IP87.250.250.119:0
File typeJSON data\012- , ASCII text, with very long lines (400), with no line terminators Hashcf67787e4ca8b7c44994ce321c89895b 0470f4bccef0e0764f5606dfcdccb13ac5b99089 8538e9eb70f784fe893f047317a12c885b03cc973a82caf83de68013daa0a84d
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Fri, 09 Dec 2022 01:50:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://p12.sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A953213171%3Arqn%3A2%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1084%2C1084%2C0%2C%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) | 87.250.250.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A953213171%3Arqn%3A2%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1084%2C1084%2C0%2C%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonSurveyStart&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A953213171%3Arqn%3A2%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1084%2C1084%2C0%2C%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: https://p12.sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A794417915%3Arqn%3A4%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) | 87.250.250.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A794417915%3Arqn%3A4%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A794417915%3Arqn%3A4%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: https://p12.sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) | 87.250.250.119 | 302 Found | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A234%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A176525006%3Arqn%3A1%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C49%2C0%2C%2C0%2C%2C100%2C2%2C%2C%2C%2C288%3Aco%3A0%3Ans%3A1670550651574%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: https://p12.sweepstakessurvey.org
set-cookie: yabs-sid=1585616041670550653; Path=/; SameSite=None; Secure
i=+k2xxFg/vdy6DQQ2Tk41WsfNFzDqkODmamOvuHs3+ukbclv7ZbjOEVJiLtOADaoIHUgyabUs5CGRE7KJM5Z+nrRiS/c=; Expires=Mon, 06-Dec-2032 01:50:23 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2554779341670550653; Expires=Sat, 09-Dec-2023 01:50:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2554779341670550653; Expires=Sat, 09-Dec-2023 01:50:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702086653.yc.1670550653#1702086653.yrts.1670550653#1702086653.yrtsi.1670550653; Expires=Sat, 09-Dec-2023 01:50:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A801816497%3Arqn%3A5%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) | 87.250.250.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A801816497%3Arqn%3A5%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A801816497%3Arqn%3A5%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: https://p12.sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 5.3 kB |
URL HTTP/2cdntechone.com/stattag.js IP188.114.97.1:0
File typeASCII text, with very long lines (12932), with no line terminators Hash60bb42a0dcbe5f79b323ffe7d799fab0 791d6e02b6dc835c9d6977173080e7fb26f1356c 2b9b2aa575221d3dea186580b23a8926f63bb3a41246a03e77d4fbd77d1157fd
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QH4lrxsEFQD6msQYBy8I5EzOdDCQJ39dDHBWRfI9o%2BlmGv48jiXjLjKqWzGZd5tylvXaoZVQeN3DE%2F1F4aNb5NO0161nQpvDCvwW2yWCL3beKhe6epOPLcrOTDaLuhwhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a17abea3d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A886166831%3Arqn%3A7%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) | 87.250.250.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A886166831%3Arqn%3A7%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) IP87.250.250.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fp12.sweepstakessurvey.org%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fp12.sweepstakessurvey.org%2Fsweep.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670550653_91a3ae6af4750faa347bc8da70d994cebf5c6013e56bfff2b0435302c1fa33f9&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A95410338272%3Ahid%3A590365994%3Az%3A0%3Ai%3A20221209015052%3Aet%3A1670550653%3Ac%3A1%3Arn%3A886166831%3Arqn%3A7%3Au%3A1670550653984471774%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670550651574%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670550653%3At%3ADear%20user&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://p12.sweepstakessurvey.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 01:50:53 GMT
access-control-allow-origin: https://p12.sweepstakessurvey.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 01:50:53 GMT
last-modified: Fri, 09-Dec-2022 01:50:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash48c90992f0837a58e0a36118a27dae6a 3d238fed35e6d247bddbba92864e6b92e6aed9b6 cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4268
Expires: Fri, 09 Dec 2022 03:02:02 GMT
Date: Fri, 09 Dec 2022 01:50:54 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash34a9b9b25e57f612db5560cd05e44cce 433e295328d6c821a1df907c232bff4195e2860b 139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gkClPXMpz53Lmf56qAHXyd3IcOjTGjcBonaTpq2_4v7XRxPFv8q8QA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:12 GMT
age: 14502
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha22fc7807fb3337f0af5e546c7ad366a 0d5969394b370a5c77c53ed58f55e5f8a45da3ab 98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHRqiTOztNQMPykKUfiEUFYVlLF4E4y9GVCT2g48MAvOyG-KZQkb8Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:58:06 GMT
age: 64368
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8546542f00ea29ef4df6ab8d3c7c2164 5c8ffe91490006a9890188b53f875568c2b6bd8f 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7DwFYUoAI9x-ruRySpsSAXQZnxrXxUACrXp568TGZ2JSppZ1UC0uWg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:09:44 GMT
age: 67270
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash45e0c1638ad919bde19731f7987ab064 1e492807c665e6e6b24ec6ce19035fdfc6f23b92 f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 27926
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8d1605154a552a8c3165c1358ea2e185 2e677da1f57c112d984180ead80481e8797ff2e8 12b075ad3e786dc68ab3fab1e4ce9d6f7810bdebc7bdafd993e19bc5bc7c0abc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: e0d56100-13aa-44e5-ae80-bedfeece87db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV19EUOIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900359-5a5402381d61db921a00404d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ET6kgGgWAKa4_CFCgSwnN8m7FnplxP7zOp8lEyodxn5lmlIIHD4vQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:38:24 GMT
age: 79950
etag: "2e677da1f57c112d984180ead80481e8797ff2e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/config/data/sd-501.js?v=10 | 172.67.75.79 | 200 OK | 6.7 kB |
URL HTTP/2p12.sweepstakessurvey.org/js/config/data/sd-501.js?v=10 IP172.67.75.79:0
File typeASCII text, with very long lines (4820), with no line terminators Hashd40d64138fb232900edc335a18ec60a3 7aaa37b624018fc432330896a690e3fe6b473297 3084226ad48c53f2fa52cd32e8fba149d496819d41dd4f1fc5fb5314a569e7b9
GET /js/config/data/sd-501.js?v=10 HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-12d4"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTUA2kgNZ6AbYpL%2ByJfZL2ewc94Tdq0a0J67E7%2F%2Fd1BtLgZJ9E6pNmJpXdFDW47h0fXetjF%2BmkcSYTLZTA%2FfB8TMd57r4S6Ma6M%2FTAl7Jb1tVoomXW14NFU9Et6ooquXoNnfSruKkyvZ1UU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a9bd59b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/v-URLSearchParams.js.f8f87c95.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/v-URLSearchParams.js.f8f87c95.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-URLSearchParams.js.f8f87c95.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-dc"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RN9oUC%2FRBy7FZObjyHyxCAXB3BcQIPme%2FNsy%2FJ7sl%2BEqVbZUXrrBfwhwRApIAAmN469YIr2zhKdEPNrzbD%2BVuVncMxCz7bFL8LggCl5tsCGbCiJ141fLdkfxVg1gZxuWnWdEB0rG%2BBJ9Dw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c9ab515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/survey.11.8b95534f.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/survey.11.8b95534f.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/survey.11.8b95534f.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-33bd6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUcJoLd5ZRnRT2pAPeZQzzJwFcz%2F%2FgV%2F%2Bds456hPlSTtjmsPwHoUOn2feFvVpcz8VmP7ThNobaeKYvFGj2mYaahCAtcloCgbBNaNoFssi26Tr1wUyQQIXJwrMDFshFDe6cgx6dWf6a7%2BAKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a84ca5b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/rtc.e1fb7744.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/rtc.e1fb7744.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/rtc.e1fb7744.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-29d4"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkd4lD2ji%2BnVUlY1JOHmvo4PME%2BABRw71EmVToq5xc%2FjMXGQ7O20iJNNFobmKX8Ccmfw2jdF%2Bvb4ZB6RS7rbkLt8fxcNlo4%2B4WDs8GtfjvmVYpcqyG8ZjtDGGF67U70wee5%2Bpz4COtj7e8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a82c95b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/sweep.bbce1b64.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/sweep.bbce1b64.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/sweep.bbce1b64.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-d3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vve71Xyeat%2Bptf814O9fOfn0631myxJHbcoRk0Ew8nGaSHpaKKNkZoDJ4E4rO90z611QwuB4zX3eSw9%2FvfhpBW%2FNG3lcZ7ND6nKmKvJ%2BlSgxtiGR7KLiLghGk3RgySKB2awpDJKdoPVnhwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a84ca6b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/favicon.ico | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/favicon.ico IP 172.67.75.79:0
GET /favicon.ico HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:53 GMT
content-type: image/x-icon
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWsc6OP5cIXeyDDyN1kdjS2vimi6oVA2XJKrp5pEwKcg18f8FSkJ0m901WC5fwt4dLmu%2BxF21iYWiYSlJLN9Plwl%2BMegkHXqWFLicvURDPcJ%2F6Sa%2BNLMRn%2B2BZScpwMG1xNqrQzilGNGgPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ad8ee2b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/config/comments/en-sweep.json | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/config/comments/en-sweep.json IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/json
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-12f9"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFMkurNnys79xnorJmSPcfD8O215ag6bZBzWOQ6bxY33NFzkJVwiohuCiaiHsx80n%2BIsj3AoF88CSvd6jrRCflcUByb6KcLh9COZhA32snP6jmyd3CmSwLltHJAHres0XvIYwaSr3DkHpgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17ab3e09b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/v-index.js.209a329e.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/v-index.js.209a329e.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-index.js.209a329e.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-92d3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8v6pXm5h601bYGTQp1mO7cHJe%2F8o3vvuH%2F1ExR1%2F89JfxWSaEt44Q2UwiM6ZSX%2FeC2bucTzAkdflW2eB6PtL3mFnJ4h5kIaUgSyf3BJ%2FnLApfrMNNUU1UumWNYueyZo6uANGdJMq4a%2F5zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c96b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/css/sweep.30d46ce2.css | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/css/sweep.30d46ce2.css IP 172.67.75.79:0
GET /css/sweep.30d46ce2.css HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-f38c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5%2FWXmV%2BRvTrresuTUPzR%2FdBzpMU6Ykq3oY7WqXtHtQEon3RH0SFsOictZFb%2FthHW65WN7C%2FaJGSzzNmZI%2Fg57H075u8ExbogJu8%2FP%2FRXay%2BM6RpSxMSFE8kGAI547U%2F24XtSITWyc4YqM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c9db515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/each-land-config.97d1826a.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/each-land-config.97d1826a.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/each-land-config.97d1826a.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-1033a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXwsCjjPs4AUbwowd4p4jFEFxcLN8CWpXiLT3EYbfXWmLsvMzA%2F1pUOGp%2BzEAS%2BSSxJ6pAN4hs52OMVgkO2pop2JVae6Mq4SmiB6ysET1CfRPUu5e%2B2lUlLHXbfzXv%2BFlCvM2mYrL7TFfto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c9bb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/sweep.html | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/sweep.html IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /sweep.html HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: text/html
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kf9znu%2Bc8OfPlc9BeaVOtheYsmicHk7TRhE9cpEQ%2BRZwBmZxNchy5mEUDGfgHVcswFnp4cCa6RXPHr6%2FwS5k%2FhFWlgutJFT5LbyTEU%2BbCVnX2l%2B7SDpNYUyVnAHFpQtPi9MQOjdcjnhKBlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a71c2ab515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/_global-config-sd.975f2fa5.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/_global-config-sd.975f2fa5.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_global-config-sd.975f2fa5.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-1db"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQDSmlYaTcZaTVDL1sNEGC10TAwgb4bRCQI%2BdJq1xcml%2FJD6SoZEmORuTtNk6dXdlo1vVnOO6soiapd%2Fzm6I6MTuwCa2YuKrgRH7HrBMMM9nXNGHLxDJ8ltP%2FYpyIePli0zjYINZN8aStsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a82c94b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/css/survey.cd8123e3.css | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/css/survey.cd8123e3.css IP 172.67.75.79:0
GET /css/survey.cd8123e3.css HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-4a5a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgROVLLP3rEVc3%2Bj%2F3d6bNxLW7v0%2FsSV08jW8MoXn1biJGc9oEA837ZoOMV%2FZWeX0BJoCrKRiVT68Uu0bQSr79StilTMLarSHY82Wv5hRz3OUbqaLZh7xhSDxf286ehgge9o9AA65zT71bE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c9cb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/css/sweep_3.6202d0ce.css | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/css/sweep_3.6202d0ce.css IP 172.67.75.79:0
GET /css/sweep_3.6202d0ce.css HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 16:05:35 GMT
vary: Accept-Encoding
etag: W/"63920b4f-1468"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI4wK1fK27boImIhZK%2BpwujTyqnWZjLWfsIs0w%2B9yHH9G5ItHPg4Dezhj8mzEi24ANfmdW5wMJHxBs1BdLeZ5e7%2F6DWTRfji9JKqTNIr90HteUc%2BtUm7wcDaCWCLxjgI61Y3LM7lIbGem3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a83c9fb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| p12.sweepstakessurvey.org/js/v-redux-toolkit.esm.js.d71e3cf0.js | 172.67.75.79 | 200 OK | 0 B |
URL HTTP/2 p12.sweepstakessurvey.org/js/v-redux-toolkit.esm.js.d71e3cf0.js IP 172.67.75.79:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-redux-toolkit.esm.js.d71e3cf0.js HTTP/1.1
Host: p12.sweepstakessurvey.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 01:50:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 16:05:36 GMT
vary: Accept-Encoding
etag: W/"63920b50-289c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpylepM5jOwauPwjzx8CA0VS71YAE8nK3URUatGfmBbo262PP0mKcTeaW0wUE5s0gai4CBODyqgyuVNeDRhRxcURWKfujIPd386QlnXdKU0xLfSr1s7DTZE%2BihTe3go4%2BFjmvRF4KaoJNhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a17a84ca3b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|