www.sweepstake.com Open in urlscan Pro
35.175.60.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sweepstake.com/
Effective URL:
https://www.sweepstake.com/
Submission: On September 15 via manual (September 15th 2022, 6:26:46 pm UTC) from US — Scanned from US

Summary HTTP 175 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 48 IPs in 3 countries across 46 domains to perform 175 HTTP transactions. The main IP is 35.175.60.16, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.sweepstake.com. The Cisco Umbrella rank of the primary domain is 569559.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.

This is the only time www.sweepstake.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.126.124.88 209.126.124.88	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
39	35.175.60.16 35.175.60.16	14618 (AMAZON-AES) (AMAZON-AES)
15	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:48a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1	95.217.104.34 95.217.104.34	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:303... 2606:4700:3031::ac43:bb22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:e200:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.209.30.241 34.209.30.241	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	15169 (GOOGLE) (GOOGLE)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	18.189.125.221 18.189.125.221	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	() ()
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
6 19	142.250.65.226 142.250.65.226	() ()
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.179.87 68.67.179.87	() ()
1 2	2600:1f18:1ac... 2600:1f18:1aca:4282:4cee:aa83:8a18:ee3	() ()
2	142.250.65.194 142.250.65.194	() ()
1	2607:f8b0:400... 2607:f8b0:4006:808::2006	() ()
1	74.119.119.139 74.119.119.139	() ()
3	35.244.159.8 35.244.159.8	() ()
2	52.1.231.196 52.1.231.196	() ()
4	52.4.33.45 52.4.33.45	() ()
1	104.36.115.111 104.36.115.111	() ()
1 3	51.222.39.185 51.222.39.185	() ()
4	54.204.127.33 54.204.127.33	() ()
1	198.148.27.134 198.148.27.134	() ()
1	151.101.2.49 151.101.2.49	() ()
1	2600:1f18:4e9... 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d	() ()
2 2	15.197.193.217 15.197.193.217	() ()
2 2	2606:ae80:145... 2606:ae80:1450:16::2040	() ()
1 1	38.67.14.224 38.67.14.224	() ()
2 2	52.2.211.96 52.2.211.96	() ()
3 3	199.127.204.142 199.127.204.142	() ()
2 2	44.209.207.157 44.209.207.157	() ()
3 4	64.202.112.63 64.202.112.63	() ()
2	2600:9000:21d... 2600:9000:21dd:6c00:8:48e:53c0:93a1	() ()
4	2600:1f13:800... 2600:1f13:800:7780:8036:fe64:f036:acd6	() ()
2	2607:f8b0:400... 2607:f8b0:4006:808::200a	() ()
3	2607:f8b0:400... 2607:f8b0:4006:80c::2003	() ()
1 1	69.166.1.12 69.166.1.12	() ()
1 1	54.159.78.82 54.159.78.82	() ()
175	48

1 209.126.124.88 (St Louis, United States) 1 redirects

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: guava.pi.activeminds.net

sweepstake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 35.175.60.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-60-16.compute-1.amazonaws.com

www.sweepstake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:48a9 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.104.34 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: h-hel-02.ipaddressnetwork.com

wh.ip-adress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:bb22 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:ec00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80b::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:e200:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.125.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-125-221.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.65.226 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.87 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:1aca:4282:4cee:aa83:8a18:ee3 (None, ) 1 redirects

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (None, )

ASN- ()

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.231.196 (None, )

ASN- ()

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.4.33.45 (None, )

ASN- ()

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.39.185 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.204.127.33 (None, )

ASN- ()

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.134 (None, )

ASN- ()

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (None, )

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1450:16::2040 (None, ) 2 redirects

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.67.14.224 (None, ) 1 redirects

ASN- ()

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.211.96 (None, ) 2 redirects

ASN- ()

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.207.157 (None, ) 2 redirects

ASN- ()

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.63 (None, ) 3 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:6c00:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7780:8036:fe64:f036:acd6 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (None, ) 1 redirects

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.78.82 (None, ) 1 redirects

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	sweepstake.com 1 redirects sweepstake.com — Cisco Umbrella Rank: 560011 www.sweepstake.com — Cisco Umbrella Rank: 569559	985 KB
39	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net googleads4.g.doubleclick.net	268 KB
27	googlesyndication.com 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	155 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	94 KB
5	yahoo.com c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	7 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3068 google-bidout-d.openx.net us-u.openx.net	1 KB
4	zemanta.com 3 redirects b1sync.zemanta.com	2 KB
4	sharethrough.com btlr.sharethrough.com	4 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
3	gstatic.com www.gstatic.com	15 KB
3	onetag-sys.com 1 redirects onetag-sys.com	908 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com	7 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 905 pixel.quantserve.com — Cisco Umbrella Rank: 423 cms.quantserve.com	11 KB
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 7844 basher.ezodn.com — Cisco Umbrella Rank: 8264	94 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	emxdgt.com 2 redirects cs.emxdgt.com	624 B
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	fksnk.com 2 redirects fksnk.com	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com	977 B
2	adsrvr.org 2 redirects match.adsrvr.org	969 B
2	ezoic.com pb-server.ezoic.com	960 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 7394	238 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	88 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1122 id5-sync.com	14 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	yieldmo.com 1 redirects ads.yieldmo.com	512 B
1	sonobi.com 1 redirects sync.go.sonobi.com	930 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	735 B
1	mxptint.net 1 redirects aep.mxptint.net	775 B
1	everesttech.net sync-tm.everesttech.net	177 B
1	contextweb.com bid.contextweb.com	190 B
1	pubmatic.com hbopenbid.pubmatic.com image4.pubmatic.com Failed	118 B
1	2mdn.net s0.2mdn.net	46 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3290	5 KB
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1273	9 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 6751	2 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3489	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3109	8 KB
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 983	550 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 846	681 B
1	ip-adress.com wh.ip-adress.com — Cisco Umbrella Rank: 859404	351 B
0	ladsp.com Failed cr-p1.ladsp.com Failed
0	turn.com Failed r.turn.com Failed
175	46

	Domain	Requested by
39	www.sweepstake.com	www.sweepstake.com
19	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net google-bidout-d.openx.net 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	www.sweepstake.com securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com googleads.g.doubleclick.net www.sweepstake.com
6	adservice.google.com	securepubads.g.doubleclick.net
4	dt.adsafeprotected.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
4	b1sync.zemanta.com	3 redirects 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
4	btlr.sharethrough.com	go.ezodn.com
4	c2shb.ssp.yahoo.com	go.ezodn.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
3	onetag-sys.com	1 redirects go.ezodn.com
3	www.google.com	tpc.googlesyndication.com 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
3	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
2	static.adsafeprotected.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
2	cs.emxdgt.com	2 redirects
2	sync.1rx.io	2 redirects
2	fksnk.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	pb-server.ezoic.com	go.ezodn.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	www.sweepstake.com
2	www.googletagservices.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com www.sweepstake.com
2	basher.ezodn.com	www.sweepstake.com
2	www.google-analytics.com	www.sweepstake.com www.google-analytics.com
1	ads.yieldmo.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	aep.mxptint.net	1 redirects
1	cms.quantserve.com	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	sync-tm.everesttech.net	google-bidout-d.openx.net
1	bid.contextweb.com	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	s0.2mdn.net	777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.sweepstake.com
1	pxl.qccerttest.com	www.sweepstake.com
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.quantserve.com	www.sweepstake.com
1	wh.ip-adress.com	www.sweepstake.com
1	go.ezodn.com	www.sweepstake.com
1	sweepstake.com	1 redirects
0	cr-p1.ladsp.com Failed
0	r.turn.com Failed
0	image4.pubmatic.com Failed
175	65

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.ezoic.com

Subject Issuer	Validity	Valid
sweepstake.com R3	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
wh.ip-adress.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
invstatic101.creativecdn.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-05-24` - `2023-06-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ezoic.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-18`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.sweepstake.com/
Frame ID: A363E851F0D3BA9CE031B65FC52F85C7
Requests: 113 HTTP requests in this frame

Frame: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7EF8155BA8B4DD03687C860DF1256CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFF357D35C6BB8DE31C1B0BD20D4019E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D89347FAFAAB0B1204E67CFF825EDC9
Requests: 2 HTTP requests in this frame

Frame: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B5B7B8C2C96F9DFD9217E9553D494922
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COefRxCA_O0CGJfu98sBMAE&v=APEucNXhHm9i1nxALyoh-21QzcyinIxygWRFPONVrMrxO8rcUHgvFNCUWJGsDQWYVjYu48B4dnCCfKRkGR4QcfRrbrIoNNF7ew
Frame ID: 6CF4BCAD5703F1ECA89C9F4B34F51019
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.sweepstake.com
Frame ID: FCFCE6A3BF0DFA4F1F64694F58BC5D88
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DC20C4EF737500B118BA00756B0FF213
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31B49CE200338F05146A2F9D60172DD3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 823E4357BE1801AD8494321E4686E3E7
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 37C9DC9566968C70BD5110AD30DFC893
Requests: 1 HTTP requests in this frame

Frame: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5FC30584964121A149D0495CCBB07B16
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E6C4D5B4E7A6FF82F76714F99EBD9FFA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 389743546CA18B8690B56C6013D1B44A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: DBEFDF966176F4C669FA143956307C7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sweepstakes, Contests, Giveaways & More! Sweepstake.com

Page URL History Show full URLs

http://sweepstake.com/ HTTP 301
https://www.sweepstake.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

175
Requests

86 %
HTTPS

41 %
IPv6

46
Domains

65
Subdomains

48
IPs

3
Countries

1870 kB
Transfer

3703 kB
Size

33
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127550%2Fsimon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127550%2Fsimon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127550%2Fsimon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fsimon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards-50940.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127547%2Fwarner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127547%2Fwarner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127547%2Fwarner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fwarner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc-50937.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127543%2Frefresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127543%2Frefresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127543%2Frefresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Frefresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card-50933.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127545%2Fbe-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127545%2Fbe-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127545%2Fbe-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fbe-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes-50935.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127548%2Fcetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127548%2Fcetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127548%2Fcetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fcetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash-50938.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127535%2Foutdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127535%2Foutdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127535%2Foutdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Foutdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear-50925.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127546%2Fdiscount-filters-getaway-giveaway-win-a-500-airbnb-gift-card

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127546%2Fdiscount-filters-getaway-giveaway-win-a-500-airbnb-gift-card

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127546%2Fdiscount-filters-getaway-giveaway-win-a-500-airbnb-gift-card&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fdiscount-filters-getaway-giveaway-win-a-500-airbnb-gift-card-50936.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127538%2Fone-potato-back-to-school-giveaway-win-back-to-school-prize-packs

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127538%2Fone-potato-back-to-school-giveaway-win-back-to-school-prize-packs

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127538%2Fone-potato-back-to-school-giveaway-win-back-to-school-prize-packs&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fone-potato-back-to-school-giveaway-win-back-to-school-prize-packs-50928.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127056%2Ffj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127056%2Ffj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127056%2Ffj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Ffj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more-50422.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127428%2Ffloor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127428%2Ffloor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127428%2Ffloor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Ffloor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer-50809.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F126892%2Fparadiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F126892%2Fparadiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F126892%2Fparadiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fparadiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico-50254.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127297%2Fwheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127297%2Fwheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https%3A%2F%2Fwww.sweepstake.com%2Fdirectory%2F127297%2Fwheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips&media=https%3A%2F%2Fwww.sweepstake.com%2Fmedia%2Fl%2Fwheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips-50672.jpg&description=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Sweepstakecom-1815843731972041/
Title: Visit our Facebook Fan page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sweepstakefans/
Title: Follow Sweepstake.com on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/sweepstake_com
Title: Follow @sweepstake_com on Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/sweepstakecom/
Title: Follow Sweepstake.com on Pinterest

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sweepstake.com%2F
Title: share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&url=https%3A%2F%2Fwww.sweepstake.com%2F
Title: tweet

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sweepstake.com/ HTTP 301
https://www.sweepstake.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp&cc=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyNuZJvWFqZ2R70ojLL7BwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGe1ne22xcwv_4bG2C1aZ4g&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3ODAzNTM1ODc0NDA4NjQ%3D

Request Chain 113

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sweepstake.com&sn=ChromeSyncframe&so=0&topUrl=www.sweepstake.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=m1sLtnxIQlJWOGlCa01mQ0xQVzIzcWJrY3FMVlE4azk3elFEa1RkLzZsOTF3dHF4ejdTVENYQldDSEt4NkU0L3BrT3FhOTZCZFBYeEwvY0o0UG1nNGFYb0JMTWNQNWE4dmFuQzhoT0M5ajJhcjF1UE01MU4zbGNTSFZZWEM0L3k0WW5Tc0pTNlVnUUxZYzVNUFh1d0k5WUY1TlAycmNUeXdmbUJObEdHSVFrL09xK1lYcHhlR1dqTmpoaTB1WENCZDgwMGtIM3l6MkJpeEU1OWRkT1NYQjBMN1d6eG1KSDZMQ2tueDRLT0hlSnUyT0w0bGRGZmFhNGovN2dKbDUwdGNJWmVhNFl5ejVkVU1aZGdVOG1UdVpyODlsZz09fA&cppv=2

Request Chain 133

https://match.adsrvr.org/track/cmf/openx?oxid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=84563276-a2b1-45b0-b827-2c716f93cb51&ttd_puid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0&gdpr_consent=

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM50NlYvya1OH0f-DPynbvs&google_cver=1

Request Chain 137

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_cver=1&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91zDgxJWp99Mrlf-ZViA-e5fjjHIrnwyT_g4LizS-8nkJMenbypTmwkRT3KFoOg8xAXlC1PS7_8VKzsS2VAbvoPU4F6kuonx0ZJHbc HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3cbca9ba4cc51852&is_secure=true&networkId=14000&version=1&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_cver=1&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91zDgxJWp99Mrlf-ZViA-e5fjjHIrnwyT_g4LizS-8nkJMenbypTmwkRT3KFoOg8xAXlC1PS7_8VKzsS2VAbvoPU4F6kuonx0ZJHbc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHEnyXSq2RZQMvpp3IAAAAAAA&expiration=1663352805&google_cver=1&is_secure=true&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91zDgxJWp99Mrlf-ZViA-e5fjjHIrnwyT_g4LizS-8nkJMenbypTmwkRT3KFoOg8xAXlC1PS7_8VKzsS2VAbvoPU4F6kuonx0ZJHbc

Request Chain 138

https://aep.mxptint.net/sn.ashx?google_gid=CAESEA3bc1f1YOuzkYnAfKminBE&google_cver=1&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL1oRW7nxmRW8MMMq4QR5-6PxD4RKQ7gH655eqLpLyltzZvG24oSHx5Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL1oRW7nxmRW8MMMq4QR5-6PxD4RKQ7gH655eqLpLyltzZvG24oSHx5Aw&google_hm=UjFENTMwX0Y2NDI5NTRDXzcwMzNGOUFG

Request Chain 139

https://fksnk.com/cs/google?google_gid=CAESEBp40Tp_N2m6VLoey84lHx0&google_cver=1&google_push=AZmPxg8UlY18nf3MvXXV-AvB9mS6FuBDLadzAtzFalNJIgGDKiw78cHwP6SYHcPQw8qgC0g6mRNrHL6d25hev99ZND1OR26qTJmmGS0-WxDsRaP4IXMfxbCFv8znfPRwl5Rcr3b8ixyHLhX3vX75bqlS_w0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

Request Chain 140

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECLbKUsJrOi4rq30pQ5B-dY&google_cver=1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663266405258 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-01793fac-0e35-46f5-918a-db25ba9bc556-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8%26google_hm%3DBQF5P6wONUb1kYrbJbqbxVY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8&google_hm=BQF5P6wONUb1kYrbJbqbxVY

Request Chain 141

https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEM_OXdjdQa0sKc8qGPWdErw&google_cver=1&google_push=AZmPxg-UZ2lDCMARp1VY03jSosF44AwfgJpManvlKSJHs5WGZt0ra1vDrvnJIPhsL_dVOX8eHTgE1TVF58mdRS_rVnnc6DwmI0Zg8lZM6xjny5Xc2o5eH-cHB887cceCDrt3dejSxiHwtJF5Ei1Zak2mXmg HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTM1MTE2NjMyNjY0MDUyMDE0NzdhMw%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNMU1URTJOak15TmpZME1EVXlNREUwTnpkaE13PT0=&ssp=google_ob HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=71780353587440864&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRNMU1URTJOak15TmpZME1EVXlNREUwTnpkaE13PT0=&ssp=google_ob HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==

Request Chain 142

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIqDFPRh6zCqr-CV28A6kZQ&google_cver=1&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7ykuwNTll8ohhF_w_TT8Hff6MTUwzhRWxbAGOoVpl9ocRzk4KXM0SkMw30eS_qJGkwgFO8iiFw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIqDFPRh6zCqr-CV28A6kZQ&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7ykuwNTll8ohhF_w_TT8Hff6MTUwzhRWxbAGOoVpl9ocRzk4KXM0SkMw30eS_qJGkwgFO8iiFw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7ykuwNTll8ohhF_w_TT8Hff6MTUwzhRWxbAGOoVpl9ocRzk4KXM0SkMw30eS_qJGkwgFO8iiFw&google_hm=bUhMR2otSVpRSGR5MHgydGdmNC0= HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

Request Chain 145

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F399%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D1---%2526A%253Df4a97b0c-26e8-4f62-bf60-3d819e05a3d1%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%25253D%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F399%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D1---%2526A%253Df4a97b0c-26e8-4f62-bf60-3d819e05a3d1%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%25253D%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjEyOTQ2Q0MtNDZGOS00MjgyLUJDRDAtRUZCNTIxQTE3QUM5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F399%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Df4a97b0c-26e8-4f62-bf60-3d819e05a3d1%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26uid%3D212946CC-46F9-4282-BCD0-EFB521A17AC9

Request Chain 147

https://fw.adsafeprotected.com/rfw/st/1042606/63588122/4.js?ias_dspID=3&ias_campId=28355840&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17161437572&bidurl=https://www.sweepstake.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h3TSDwxOCYG26yo7H1LNGP&adContainerId=gcc_ZG4jY4iPIeGaoPMP2eyCwAw&cbFunctionName=goog_wrapCb_ZG4jY4iPIeGaoPMP2eyCwAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.sweepstake.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bd3cfb09-261a-2e84-b7df-a04bfbf18731,c:ojdHOQ,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7699b55c4b-vdmxz,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:thwQkAE+11%7C12%7C13*.1042606-63588122%7C131%7C132%7C133%7C14%7C15,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:21,oid:f3ce14ad-3523-11ed-908b-267426fd636a,v:19.8.351,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 173

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAVOlH3TkbFQh5nmD02CScE&google_cver=1&google_push=AZmPxg_4uxDQgtSiz_sZKtNJTcFkmqwKTRDqZqNIPbKJWB8dAO_nsiarNSAO6k9ALMFM65vBOn4v8geIdUx58QDiM050dAdEVrL1OgUIPbKmZXAvTjuD5sHg0TJ9XUHsRkoo4vGnMlvSMXpdJL8WdDlPBM0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODEyMzgyNTEyMzcyMDI4ODUyNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAVOlH3TkbFQh5nmD02CScE&google_cver=1

Request Chain 174

https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9b2919bAZzDzIwqeGNgeiaEwhjB0ACmoK___58sMpBkiawATzShkLiP1843AcQD-YxZxRGBFnswbE1rb8dotRkyWf-TASymTZdVig1qtZZZp9pRXD-qzHDYuHRc51I6VHecaFe6x9JFpv_nNNPHvY&google_gid=CAESEC6Ma6wkmIet-AOi0jdQCJA&google_cver=1 HTTP 302
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9b2919bAZzDzIwqeGNgeiaEwhjB0ACmoK___58sMpBkiawATzShkLiP1843AcQD-YxZxRGBFnswbE1rb8dotRkyWf-TASymTZdVig1qtZZZp9pRXD-qzHDYuHRc51I6VHecaFe6x9JFpv_nNNPHvY&google_gid=CAESEC6Ma6wkmIet-AOi0jdQCJA&google_cver=1

Request Chain 175

https://fksnk.com/cs/google?google_gid=CAESEM6FFITgp-tFp2yQCD3KUWI&google_cver=1&google_push=AZmPxg8N13bTjJ0Uz_58-nXxtBgVLDdCDr0KIUd3jFA42MG3OHztzduPANVN5eWP0Z1i8GbSeN9B4nxrP9KWaq3qfhGyShhFlQ9B35nYcEHbVO-bjKC_Oy2xScAB44mgclii67vcX2g_vlxi9BrrwtHd8OI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

Request Chain 176

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAU2e2SGdOT2KvgIB2QAfiA&google_cver=1&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZrE-gtkRJeZT4PZh-UMk21K3-CvoADk7rBy5v3p_1e3ws67DFvsOfHm1lNtxIs6pacYfTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZrE-gtkRJeZT4PZh-UMk21K3-CvoADk7rBy5v3p_1e3ws67DFvsOfHm1lNtxIs6pacYfTQ&google_hm=bUhMR2otSVpRSGR5MHgydGdmNC0=

Request Chain 177

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSSXARAfRwixGZW-jaiaMJywA7XMxxYmFn5xt5S50xiQxeaK4RYVz0xn-fmSY1j4mhYvZjDJDbw%26google_hm%3D%5BUID%5D&google_gid=CAESECWuQCPk_8Fp3qeYSH6GNzg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSSXARAfRwixGZW-jaiaMJywA7XMxxYmFn5xt5S50xiQxeaK4RYVz0xn-fmSY1j4mhYvZjDJDbw&google_hm=bad80289-3d0d-4ad8-b1a5-8e59fc65e75f

Request Chain 178

https://ads.yieldmo.com/exptsync?google_gid=CAESEF9q_-ml_nEah01NbzrKAMI&google_cver=1&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-vlm-0ieOuDLZcC_Gk7o2m_cml4GFikg_lg6b0gbcdtFi0iIck2XYLOiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-vlm-0ieOuDLZcC_Gk7o2m_cml4GFikg_lg6b0gbcdtFi0iIck2XYLOiQ&google_hm=Z2ZlMzZiMTViYWJlZjY0MzVmYmM=

Request Chain 179

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYVblTR0TFa-uzIJOjeV0c&google_cver=1&google_push=AZmPxg8f8Y-YHPBVmxN80kQPlYkFQR5Kk775Kenoh-lj6Y_ivQdWECt55RcEDd4ZlXjUg7oGmoKA_ZCizpeD_YXMkvF7n5reckgYUQi9deW0eohO3lLKd1IjkVzwnFAw97mAACaXdV3qAZtx7sIsz5DwLGal HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8f8Y-YHPBVmxN80kQPlYkFQR5Kk775Kenoh-lj6Y_ivQdWECt55RcEDd4ZlXjUg7oGmoKA_ZCizpeD_YXMkvF7n5reckgYUQi9deW0eohO3lLKd1IjkVzwnFAw97mAACaXdV3qAZtx7sIsz5DwLGal HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

175 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sweepstake.com/
Redirect Chain

http://sweepstake.com/
https://www.sweepstake.com/

132 KB
32 KB

638ms
481ms

Document
text/html

35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

20f7e2d3055aaa43a8475467f9d70a9e432328a06c3d6347345426aabcb741e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 18:27:23 GMT
display: pub_site_sol
expires: Wed, 14 Sep 2022 18:26:39 GMT
pagespeed: off
response: 200
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site

Redirect headers

Cache-Control: max-age=1
Connection: Keep-Alive
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 15 Sep 2022 18:27:23 GMT
Expires: Thu, 15 Sep 2022 18:27:24 GMT
Keep-Alive: timeout=5
Location: https://www.sweepstake.com/
Server: Apache

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 225ms
82ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

sffe /

Resource Hash

782e26f81e86b30ec4fe69bc4341cd6817ca4966e936769b64057dde69505cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27681
x-xss-protection: 0
server: sffe
etag: "1335 / 267 of 1000 / last-modified: 1663240024"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Sep 2022 18:26:39 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 302 KB
92 KB 143ms
56ms Script
application/javascript 2606:4700:3035::6815:48a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:48a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f257ac53524852020ca9a5012dfcf38b793a950b8cc210adb85d0df91e155cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 11:09:07 GMT
server: cloudflare
age: 26252
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVIK8iNtOaFnUUrX1NCV%2FV0jI3Hix5bFfTDBDAuLA3K8%2FV%2By3f%2FNs5HtKxjKHx%2FmSxJ57pLLO0br41peoos1gjogM1MqIIZoP%2FUWq%2FVBDNJPl9hk%2FuLMHpmaM7HIyFCWOu8bUOjLmqIt7nI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b36976dc37da7f-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
www.sweepstake.com/porpoiseant/ 8 KB
2 KB 64ms
64ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/fads.js?gcb=195-0&cb=2
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e256262d08e5cfdc75805c941beae5bd4920000f3bfa640d53048208b88da425

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 banger.js Show response
www.sweepstake.com/porpoiseant/ 52 KB
13 KB 71ms
64ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/banger.js?cb=195-0&bv=157&v=63&PageSpeed=off
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5493aea9dfbfc47ce2b8cecc5f827ccd191abb335e109286f893e9f2a30ac9d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 0
0 Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Origin: https://www.sweepstake.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 opensans.css Show response
www.sweepstake.com/fonts/ 19 KB
14 KB 224ms
224ms XHR
text/css 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sweepstake.com/fonts/opensans.css

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f73e90959cb244773f2c1c0f8a51f95c91719f4cc46a9a86b499a2c761ae2188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
etag: "4afe-5370681ebefe1-gzip-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-sol: orig
expires: Thu, 22 Sep 2022 18:27:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 212ms
65ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5059
date: Thu, 15 Sep 2022 17:02:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 15 Sep 2022 19:02:20 GMT

GET
H2 200 shariff.complete.css
www.sweepstake.com/shariff/ 46 KB
9 KB 301ms
296ms Stylesheet
text/css 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sweepstake.com/shariff/shariff.complete.css?ff=1&wps=true

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cefa23d7fbbab0c9df178dd099405d8822bd69045b8ffa4400a563d4926b627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
etag: "b6db-56cef1c3ed20b-gzip-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-sol: orig
expires: Thu, 22 Sep 2022 18:27:24 GMT

GET
H2 200 honest-baby-and-stonyfield-organic-yobaby-photo-contest-win-2-500-gift-cards-and-more-50911.jpg
www.sweepstake.com/media/l/ 26 KB
23 KB 246ms
236ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/honest-baby-and-stonyfield-organic-yobaby-photo-contest-win-2-500-gift-cards-and-more-50911.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3925d05458b5a9717f4a329c38b34213d3ef0d3275e3262543e828ad29814bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "665a-5e89e7ad7e7c0-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 simon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards-50940.jpg
www.sweepstake.com/media/l/ 28 KB
26 KB 255ms
245ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/simon-management-s-michael-kors-sweepstakes-win-1-of-5-500-michael-kors-gift-cards-50940.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

dc7fefd4d56b1c512aa392edbe1978fabe1c216c902c53678649767ded813644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 14:41:08 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "7092-5e8b83c6510a2-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 warner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc-50937.jpg
www.sweepstake.com/media/l/ 132 KB
130 KB 360ms
351ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/warner-bros-harry-potter-vr-sweepstakes-win-a-trip-for-4-to-new-york-for-a-harry-potter-vr-experienc-50937.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6b04328351e6f710d4b28f0ae2fc5533397138b86fbd3fce7a1be4c267100376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 10:07:45 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "20e9c-5e8b46aac7e40-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 refresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card-50933.jpg
www.sweepstake.com/media/l/ 32 KB
32 KB 274ms
265ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/refresh-your-round-giveaway-win-promo-codes-and-instacart-gift-card-50933.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ad17f917a0c9a881781b1855c747877e25e3419989e4cbe624dd9f3abac23dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 06:49:33 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "81cf-5e8b1a5daf940-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 be-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes-50935.jpg
www.sweepstake.com/media/l/ 106 KB
103 KB 360ms
351ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/be-one-of-5-lucky-winners-in-the-hoover-fall-bundle-sweepstakes-50935.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5179ccc7d97ce359e09ca8c16391c4aa25995fe6e582803c8acbb3a3f1808485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 08:56:06 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "1a635-5e8b36a6ef580-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 cetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash-50938.jpg
www.sweepstake.com/media/l/ 71 KB
69 KB 336ms
328ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/cetaphil-75-years-of-innovation-sweepstakes-and-instant-win-game-win-10-000-or-250-cash-50938.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

162082dad6efe05e8e32cccdaef4084c6ffb120d4bdbc49bb25a21189a1d091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 13:56:49 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "11a7f-5e8b79df01fc0-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 outdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear-50925.jpg
www.sweepstake.com/media/l/ 43 KB
42 KB 277ms
269ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/outdoor-element-get-outdoors-giveaway-win-1-000-worth-of-outdoor-gear-50925.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f4ed6ab66a9f1fc0cf135ea3cdad365c16252b225936673b8302ed793bbc8590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 02:52:47 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "ab40-5e8ae571c9dc0-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 discount-filters-getaway-giveaway-win-a-500-airbnb-gift-card-50936.jpg
www.sweepstake.com/media/l/ 43 KB
43 KB 305ms
297ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/discount-filters-getaway-giveaway-win-a-500-airbnb-gift-card-50936.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f668055871b22aaa7f4e56da5ba56de46b4e657eab3ffcebf4298d23465a9ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 09:31:11 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "ade6-5e8b3e7e6b5c0-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 one-potato-back-to-school-giveaway-win-back-to-school-prize-packs-50928.jpg
www.sweepstake.com/media/l/ 55 KB
54 KB 396ms
389ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/one-potato-back-to-school-giveaway-win-back-to-school-prize-packs-50928.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2b972296698fe0e87dec1c9c59bfef10f53259fb019665bf1d5bb392c2319e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Thu, 15 Sep 2022 03:49:16 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "dd63-5e8af211ca700-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 fj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more-50422.jpg
www.sweepstake.com/media/l/ 115 KB
115 KB 418ms
412ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/fj-style-tailgate-season-giveaway-win-a-yeti-cooler-colster-can-insulator-tumbler-chairs-and-more-50422.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

308d01e12679c189b14c3fbdc247e6616328876b7d94f870f12636034fce85d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "1cd56-5e6b644303680-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 floor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer-50809.jpg
www.sweepstake.com/media/l/ 43 KB
43 KB 396ms
390ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/floor-and-decor-pro-appreciation-month-sweepstakes-win-a-53-000-chevrolet-silverado-cargo-trailer-50809.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ce63ce40a71e3a4074e3fb3a33deecef0ee49769b527848b0822f7f035103c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "add2-5e8435f6d3a40-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 paradiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico-50254.jpg
www.sweepstake.com/media/l/ 34 KB
34 KB 354ms
348ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/paradiseweddings-com-wedding-in-paradise-giveaway-win-a-10-000-destination-wedding-in-mexico-50254.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

def0d8346ec2059f738529ed16024982b3c285cf97891325c72dda4afb6956c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: Apache
display: staticcontent_sol
x-middleton-response: 200
etag: "8961-5e60f2ac4ed00-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 wheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips-50672.jpg
www.sweepstake.com/media/l/ 90 KB
90 KB 394ms
388ms Image
image/jpeg 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sweepstake.com/media/l/wheel-of-fortune-sweepstakes-xl-vacay-and-40k-giveaways-win-40-000-cash-or-1-of-6-free-trips-50672.jpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dc920e7cfdc23cfd3f92057ab7a80eb9dafe8d22d951045b58d12937511a5984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "167b1-5e7b9ff8dc380-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 15 Oct 2022 18:27:24 GMT

GET
H2 200 cmbv2.js Show response
www.sweepstake.com/detroitchicago/ 79 KB
24 KB 136ms
131ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f438ae2e9387171848edb4d5ba886cb9425656fa401b3489e4642c21ada675b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H/1.1 200
OK c101
wh.ip-adress.com/ 43 B
351 B 542ms
176ms Image
image/gif 95.217.104.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wh.ip-adress.com/c101

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.217.104.34 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h-hel-02.ipaddressnetwork.com

Software

Apache /

Resource Hash

adbd898659041a06390aec3d886c7669946739187af1dc74ddcc2963a1c8252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 18:26:40 GMT
Referrer-Policy: same-origin
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/gif
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5989f59c2a6d13449af8a23bfb56a7609c1c127e65687ff46e5c4d474e7d9a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 259 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2bd5ebe077d0c4c231c119bc1f959a7510aba9334719908f1985d1bce902b9a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 367 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc3071836af1a842787e14996ae5654f4d36e2b8adf2a695ddde7d8caabd1b44

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 118 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d674aab606f7c6008645854a9dcad2637e3d3a0af1c259badcbfa91f746dc8be

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 328 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b894a19490530dd59a66473c6331fb71bb224fb494d6e2e78423546bac1dd2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 284 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6238d0bcbbdf7b5c5b31d4b09dde4658bcc8c6e8a26bb6ff25d578e97ea63095

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 569 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5c6597c067a6e619f9ba5e6b9a085fb0ede59196d2900ca304d752728bf4cd3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 478 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20347bc1628168110b9f0a20feb40784d54722fe12782cc14b8256e5680be0ac

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1302c371fac86ede2417616fc401e0a97ffa7b91d39a4d8890ab990e662fb770

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b0a5c6773dd49f99e95dafa902f22cf0e6ffe2537a2c7648235c7c519bd7540

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 174 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e2ab403ce0a5c3511c205a6fec337f8ec56812414e34bac95fe0b5f95d311b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shariff.complete.js Show response
www.sweepstake.com/shariff/ 48 KB
12 KB 270ms
269ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sweepstake.com/shariff/shariff.complete.js

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

30066eb89e4346049eee402796f77632f26e40eb79637fd36f5ddf5dd0b6a639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: nginx
display: staticcontent_sol
x-middleton-response: 200
etag: "be4c-56cef1c5528cb-gzip-gzip"
vary: Accept-Encoding,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 22 Sep 2022 18:27:24 GMT

GET
H2 200 houston.js Show response
www.sweepstake.com/detroitchicago/ 5 KB
2 KB 63ms
62ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/houston.js?gcb=0&cb=28
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 67b95f39b615fffd291ff5f77103dc3171e7c845351a76b89588399e06869401

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 augusta.js Show response
www.sweepstake.com/detroitchicago/ 2 KB
990 B 67ms
66ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/augusta.js?cb=24
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 / Show response
basher.ezodn.com/ 3 KB
2 KB 63ms
62ms XHR
application/json 2606:4700:3031::ac43:bb22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=336327&bf=2400&dc=1254144
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/porpoiseant/banger.js?cb=195-0&bv=157&v=63&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bb22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09de5a449f485d76db4f6f5a5c416a7d1ece066b75e0ff846ff6268d06c20bd9

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.sweepstake.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKKkvJ8xULlKkTIXBP3iV9z862CPKAc%2FVXdwWe5QGsTwzy8O74%2B4G4JWUhCVa0TRqqj3QNeFUdhmcocRVBLoEYMvV9Ozd4ZMQUy2IgvLWJTi5B2%2BpcEsAMu%2BGYRcRPDkbCGj7%2FIUOsENVihir3Qk"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
cache-control: public, max-age=84400
cf-ray: 74b369788ec56dd4-MIA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 143ms
42ms Preflight
application/json 2606:4700:3031::ac43:bb22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=336327&bf=2400&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bb22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://www.sweepstake.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.sweepstake.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 74b369783e4e6dd4-MIA
content-length: 0
content-type: application/json
date: Thu, 15 Sep 2022 18:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMAShAp7y27AWwhzlnL2jxTmTgy0hpWLS7yxOV8p7PT6pITQbI7bQZ8iSQm6qm%2FYVR%2BYd3PIEjhuNZ%2FUxG%2B3OA%2BccEiVtW2KEGAkHwuPh3tuOyGHKptxXYOKZMi5cPJa%2BTOwkVFWR5s42EN0Ew%2Bs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 nmash2.js
www.sweepstake.com/porpoiseant/ 23 KB
6 KB 64ms
63ms Other
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/nmash2.js?v=157
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 3572c5966d84f904eedb007c1b495c6e049fa6fc09dadc038147dbc79be38869

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

POST
H2 200 imp.gif
www.sweepstake.com/detroitchicago/ 43 B
243 B 81ms
80ms Ping
image/gif 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C36%2C4%2C1%2C21%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Miami%22%2C%22country%22%3A%22US%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A336327%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A528%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1021%2C1100%2C1101%2C1111%2C1113%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%221e4e0900-8e8a-4c0d-5e2a-79076658456c%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2233018%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A82391%2C%22response_time_orig%22%3A308%2C%22serverid%22%3A%2244.204.93.24%3A27992%22%2C%22state%22%3A%22FL%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1101%2C1111%2C1113%2C1320%22%2C%22t_epoch%22%3A1663266399%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.sweepstake.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1474%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: imp_sol
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-headers: Content-Type
content-length: 49
expires: Wed, 14 Sep 2022 18:26:41 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 214ms
62ms Script
application/javascript 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Sep 2022 18:26:40 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cmbdv2.js Show response
www.sweepstake.com/detroitchicago/ 41 KB
10 KB 79ms
78ms Script
application/javascript 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5c-22&cmbcb=108&sj=x03x0cx18x5c
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ffaec87b853633a62ed1952e71f254d41774de9c75d17283a80cd26add436447

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:39 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 pubads_impl_2022091201.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 66ms
63ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

sffe /

Resource Hash

feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131208
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:37:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Sep 2023 18:25:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 141 B
132 B 205ms
78ms XHR
application/json 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d7f83c29bb0061d6c4725f31b1e0875470cbcd8afa34748e6416c06adeceef55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Thu, 15 Sep 2022 18:26:40 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 563782063f6a3aae694c017b31fd4cd2aa823e0203517cd66f2c1f9d0ab1d9e4

Request headers

Referer
Origin: https://www.sweepstake.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 78ms
77ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=464245169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sweepstake.com%2F&ul=en-us&de=UTF-8&dt=Sweepstakes%2C%20Contests%2C%20Giveaways%20%26%20More!%20Sweepstake.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1862629787&gjid=1816888625&cid=2102761771.1663266400&tid=UA-16733124-6&_gid=1042558276.1663266400&_r=1&_slc=1&z=1599192908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 192ms
69ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16733124-6&cid=2102761771.1663266400&jid=1862629787&gjid=1816888625&_gid=1042558276.1663266400&_u=YEBAAEAAAAAAAC~&z=1717639882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Sep 2022 18:26:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 209 B
681 B 217ms
66ms Script
application/javascript 2600:9000:21dd:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:11:31 GMT
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
age: 910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Sun, 28 Aug 2022 10:04:35 GMT
server: AmazonS3
etag: "2c2aa94f66b2314987910c0f30e6c098"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
x-amz-cf-id: E6hLtxEZutph6YfdWcSYPC5YTQ2HHeREoLhkuT6so1_x_6-BRv9Ssg==

GET
H2 200 fa-brands-400.woff2
www.sweepstake.com/shariff/ 53 KB
53 KB 275ms
275ms Font
font/woff2 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sweepstake.com/shariff/fa-brands-400.woff2

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/shariff/shariff.complete.css?ff=1&wps=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-60-16.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5fd51333c2943efd4bb78d6dd5d374df2b79fdb6282c47083651afea48265d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sweepstake.com/shariff/shariff.complete.css?ff=1&wps=true
Origin: https://www.sweepstake.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:27:24 GMT
content-encoding: br
vary: Accept-Encoding,Origin
display: staticcontent_sol
x-middleton-display: staticcontent_sol
strict-transport-security: max-age=31536000; includeSubDomains; preload
response: 200
last-modified: Wed, 14 Sep 2022 15:50:10 GMT
server: Apache
etag: "d490-56cef1bb9850c-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.sweepstake.com
x-middleton-response: 200
cache-control: public, max-age=3600
expires: Thu, 15 Sep 2022 18:27:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 222ms
85ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
670 B 939ms
939ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=2237978806424035&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=1&adks=1914102123&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D8529099445095412%26eid%3D8529099445095412%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1021%26sap%3D1320%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-3-8529099445095412%26eb_br%3Ddc3573d5dc41abdf97751be02f53537f%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D800%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C3430%2C3458%2C3460%2C3683%2C3676%2C15%2C16&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663266400302&lmt=1663266400&dlt=1663266399703&idt=543&adxs=510&adys=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x400&msz=580x400&fws=0&ohw=0&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

84523a234ea14b95236b518c8ed1a0baf9550ab3557e0210c176837e700af542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 640
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7EF 6 KB
4 KB 231ms
83ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:40 GMT
expires: Fri, 15 Sep 2023 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
570 B 663ms
663ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=632611170690722&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=2&adks=407620194&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D1219289573162759%26eid%3D1219289573162759%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsweepstake_com-box-2-1219289573162759%26eb_br%3D6ac330e431a70c7d8ce9fb95aee95c72%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D750%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3430%2C3458%2C3460%2C3683%2C3676%2C14%2C15%2C16&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663266400313&lmt=1663266400&dlt=1663266399703&idt=543&adxs=315&adys=142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x90&msz=970x90&fws=0&ohw=0&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

f06f8e5aba2ef491c43a8ffab171d9db67617134095ce3ff2890cc3e500437dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 540
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
600 B 667ms
667ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=2027984910506311&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=2277494672&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D5631579641116581%26eid%3D5631579641116581%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-2-5631579641116581%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C193%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3457%2C3458%2C3460%2C3682%2C3683%2C3676%2C12%2C13%2C14%2C15%2C16&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663266400317&lmt=1663266400&dlt=1663266399703&idt=543&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

1b59be9cdbe2f257e4e0e63d9e62e4f4c9b85f35107e26b87b283466daffa235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 570
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
550 B 237ms
66ms Image
image/gif 2600:9000:21dd:e200:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1559334769;fpan=1;fpa=P0-1747333000-1663266400381;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;us_privacy=1---;d=sweepstake.com;dst=0;et=1663266400380;tzo=0;url=https%3A%2F%2Fwww.sweepstake.com%2F;ogl=url.https%3A%2F%2Fwww%252Esweepstake%252Ecom%2F%2Ctype.website%2Cimage.https%3A%2F%2Fwww%252Esweepstake%252Ecom%2Fimg%2Fsweepstakefans%252Ejpg

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:12:54 GMT
via: 1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 44027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
x-amz-cf-id: 1YeVjtmbzvhZF9fUMNPcoxBBx3KUZB-1_7yP_1iccHK_dY6tp-y7Tg==

GET
H2 200 pixel;r=1912406153;labels=Domain.sweepstake_com%2CDomainId.336327;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.sweepstake.com%2F;uht=2;fpan=0;fpa=P0-1747333000-1663266400381;pbc=;ns=0;ce=1;qjs=1;qv...
pixel.quantserve.com/ 35 B
371 B 67ms
64ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1912406153;labels=Domain.sweepstake_com%2CDomainId.336327;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.sweepstake.com%2F;uht=2;fpan=0;fpa=P0-1747333000-1663266400381;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;us_privacy=1---;ref=;d=sweepstake.com;dst=0;et=1663266400383;tzo=0;ogl=url.https%3A%2F%2Fwww%252Esweepstake%252Ecom%2F%2Ctype.website%2Cimage.https%3A%2F%2Fwww%252Esweepstake%252Ecom%2Fimg%2Fsweepstakefans%252Ejpg;ses=8b99d994-2446-4069-a07e-3f44c3d046dd

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 228ms
88ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d2dbcc5522f66a3e7dfb278e6bf6fbdbf761bb15dc54a5d559a644bb5e2b514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11255
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 122ms
121ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:26:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 219ms
86ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
785 B 604ms
604ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=2421609299434210&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=107121576&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=bvr%3D0%26ap%3D9999%26ezoic%3D1%26eb_br%3D4552fb4beab2a055aec0d6113a8d9e42%26br1%3D7000%26ga%3D2497208%26iid1%3D7257474913133604%26tap%3Dsweepstake_com-pixel1-7257474913133604%26bra%3Dmod67-c%26ic%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663266400913&lmt=1663266400&dlt=1663266399703&idt=543&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

4a8d059afae13b975d3ed10313ca9765237480fd0e964862b8f02bd56a58af7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 755
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022091201.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 64ms
64ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

sffe /

Resource Hash

cb9f9582d696929ff38ac12ab9123a291e2baa8f82b62bf61c9225b708b4aa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13606
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:37:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Sep 2023 13:49:53 GMT

GET
H2 204 greenoaks.gif Show response
www.sweepstake.com/detroitchicago/ 0
122 B 62ms
60ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDktMTUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInRfZXBvY2giOjE2NjMyNjYzOTksImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:41 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:42 GMT

GET
H2 204 greenoaks.gif Show response
www.sweepstake.com/detroitchicago/ 0
44 B 63ms
60ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzNDgifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjgyOSJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNjAifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTQ4In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTQ4In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6Ijg2MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInRfZXBvY2giOjE2NjMyNjYzOTksImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjEwMTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEwMTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:41 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:39 GMT

POST
H2 204 greenoaks.gif
www.sweepstake.com/detroitchicago/ 0
39 B 63ms
60ms Ping
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMjU3In1dfV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFF3 13 KB
5 KB 198ms
64ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:19:32 GMT
expires: Fri, 15 Sep 2023 18:19:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D89 783 B
1 KB 223ms
85ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b56bf844d9d6b61523bb6297c4838a8cc6857ffb32a9180d6787c0cd5681ed92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tnqxWMMTSCu9XbGpxSfOmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-tnqxWMMTSCu9XbGpxSfOmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:41 GMT
expires: Thu, 15 Sep 2022 18:26:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js Show response
pagead2.googlesyndication.com/bg/ Frame FFF3 36 KB
16 KB 200ms
67ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 05:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 05:52:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D89 0
0 194ms
85ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091201&jk=637597873105962&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FFF3 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n32hMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
85ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091201&jk=637597873105962&bg=!OTqlOn7NAAbG3AOo5tw7ACkAdvg8WlUUpkDwvB4ky3yl3mUGb_Ct0l2pPt5_x7BMwWzKnYIpxLsYZQIAAABhUgAAAANoAQcKAK-zpeG2bB4D2mojNC_W3yaqg0ZVrtiWo9trJMXAfEoosyT8mI1nZWjFJzI8-VsdHqBDfvhw2_a3LpEcZyJVrEhwn2Aq7ZaBzfsOqjHhJauiOGRZLZySPDAU9x42k8LV6nJOUOk1KTtsmfnmkJorQidanL9dasg2BWDgzrgaCPf3GlrRUlP5ugn6l8kYn0U14UkE0rgvAcXibJZig1OFYbuTsP4b6IcX3WRvvLPyvCTlmQLLjXHLNnyDQfo29Wtkewb7IvNtLraAkPAdqk4WkRQMB2QpGoOIRsaqFvr_nzpxYLDc2OZYa5AWpQ26YjEm-IHkiDfQamEDSWRWLmc6dT65Q3y0tF64TX9aobTysj6vcVOMz_JH5VI1csnkpHHeq_MFVrlZq93zj3i7CMEggejzZ0ho3xDhPWsBuyLzmOeam9u117vW51HtxJ95Mq-J8uCg6TEqkQhv5ofthrXAKJg_QDCwc5eXhpGDX4a-dVZVCu8qHYeMc240_c8S5iCv9Tb75YGTLEDA4VnjhZuijqcN54G9XStaH7JsW29vsi_pjcdabbhlrRswwTas6t87HFMNA538jrZuxB3V3sFFtifChjdz9a4UXtCF4RLMA2PUt-5v3HOWV8ga9CGzmAioXuweebuGTbsEGboqnY0x-HQ-GZNaxtyaXmoCnkjCs_7Q2zTRvTlfraH7B6KRYyh0jQChiCZO4tShwIZrAT0POijRpmrJueRsViH6YUiajvmnVLTmpL0rfRfN80xrfQ35UxdQufpA4zQNwHD9SqZBRvyF3ij-9N7iOUs-tSCEatC_mN_Yu_QvQ7Rfjvb5LPcIJ5Vtq9wuWEd_w5-ipNKd63Nl4yyD9jdlnMT8NkZtscPdkRufKRZL4FvQ5RDNrCjo3iA226Nw3iYSG_HZjX5tjPkEoHS7RXc7LUshuYN1bjwkStMiqYpq8CQhiock28JUyicuLA3uj2ALyoH0wDF0y9EB3o5ohkuSR082eBROVbvFARJrqAQZ_WNTtp1FqUgaNVfhuJqqA4g2p43WXVTz4fwc2PMjvJLCugHm0Csa0nXnpfDonLdC4toAS-RH6lBOmlMsnSWAW9E0BNTTwVI9V16IfU7HeG2HxrkIhz4Cj2q5rpRQ1D_KTMGigAMBVdFRAszYD_y9AMIXG0AbFv88fONhqnmPitodxZlZJxJfkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
86ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
727 B 839ms
838ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=2219204999634184&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=107121577&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=bvr%3D0%26ap%3D9999%26ezoic%3D1%26eb_br%3D49d60519eec4f00cfb2d91dec1e48d41%2Cd48c5fce8698cb89b610d65b99900a9a%26br1%3D6000%26ga%3D2497208%26iid1%3D7257474913133604%26tap%3Dsweepstake_com-pixel1-7257474913133604%26bra%3Dmod67-c%26ic%3D2%26lb%3D7000&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e-22ac894c3ed70097%3AT%3D1663266400%3AS%3DALNI_MYnAT0cnMC2WxsU0WJKQsFsiZJF8Q&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266403502&lmt=1663266403&dlt=1663266399703&idt=543&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

58a964a5882a9261bcbbf0d189f3f8357befc2c9c5a3dd3d90a7bbf97d06a5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 696
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1023 B
527 B 571ms
570ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=3350334521380457&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=6&adks=407620194&sfv=1-0-38&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D1219289573162759%26eid%3D1219289573162759%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsweepstake_com-box-2-1219289573162759%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D400%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3430%2C3458%2C3460%2C3683%2C3676%2C14%2C15%2C16%2C2310%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C10%2C11%2C12%2C13%26lb%3D750%26reqt%3D1663266403511&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e-22ac894c3ed70097%3AT%3D1663266400%3AS%3DALNI_MYnAT0cnMC2WxsU0WJKQsFsiZJF8Q&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266403516&lmt=1663266403&dlt=1663266399703&idt=543&adxs=315&adys=142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x90&msz=970x90&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

db3dd2a7772d3f3d476d5e09e025c8abd116affa09f9fff310e58733503651b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 496
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 708ms
708ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=3096387249146752&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=2277494672&sfv=1-0-38&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D5631579641116581%26eid%3D5631579641116581%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-2-5631579641116581%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D280%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C193%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3457%2C3458%2C3460%2C3682%2C3683%2C3676%2C12%2C13%2C14%2C15%2C16%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3455%2C3456%2C3684%2C9%2C10%2C11%26lb%3D550%26reqt%3D1663266403509&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e-22ac894c3ed70097%3AT%3D1663266400%3AS%3DALNI_MYnAT0cnMC2WxsU0WJKQsFsiZJF8Q&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266403520&lmt=1663266403&dlt=1663266399703&idt=543&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

11342cf2d67d932087963a635144a53bfbb8e106eb2d8eae8ec1d8eef56ee793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10319
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
533 B 625ms
624ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=425426335252022&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=8&adks=1914102123&sfv=1-0-38&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D8529099445095412%26eid%3D8529099445095412%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1021%26sap%3D1320%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-3-8529099445095412%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D400%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C3430%2C3458%2C3460%2C3683%2C3676%2C15%2C16%2C2339%2C3054%2C3455%2C3456%2C3457%2C3682%2C11%2C12%2C13%2C14%26lb%3D800%26reqt%3D1663266403506&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e-22ac894c3ed70097%3AT%3D1663266400%3AS%3DALNI_MYnAT0cnMC2WxsU0WJKQsFsiZJF8Q&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266403524&lmt=1663266403&dlt=1663266399703&idt=543&adxs=510&adys=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x400&msz=580x400&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

f283028423d5f5bf20850782e25596820f80f184cbe62eb9b27db3e4fc0f885e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 502
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 144ms
35ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:38:15 GMT
content-encoding: gzip
age: 1241309
x-guploader-uploadid: ADPycdvs4F9n7s2_6EUPi7cWC7qGIH0o1o-iNUu__UaU3-RaGDtS-N152fZiiR9_6OPGldB9uQz8i4n77SbWV3o3vkXemd3rCFoK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Sep 2023 09:38:15 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 177ms
58ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

42f45f5f02529253b737bd85ca20df5d3c3c6f9b9f663788c5997e2169fca92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 11:36:03 GMT
server: nginx
etag: W/"631f19a3-a1cf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Sep 2022 18:26:44 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 391ms
120ms Script
application/javascript 34.209.30.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
cache-control: public, max-age=86400
last-modified: Thu, 15 Sep 2022 17:13:47 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 130ms
43ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 673
etag: W/"c7c919b353e8ba2ee51dc077f03d29d1"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74b369932d820a12-MIA
x-amz-request-id: RD83KHQKPRPXFY3W
x-amz-id-2: e5QX6S9OdBMlXFAl3kVhLhvSlX905aZa0GOvY2/ZRNYXwYuWupriLxM+ttsWAWfIvau+IprWqf8=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 138ms
37ms Script
text/javascript 34.96.70.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 17:38:08 GMT
via: 1.1 google
age: 2916
x-guploader-uploadid: ADPycdtamoYBR4_YZuVd4U_1Sujl59dbxO2B2EaXE75KO4kRvdZ4ivWfW3EErUFcmA5tZv4a_kH4SMyZ96Pjot2LJ46A5g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-generation: 1659113709880056
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 15 Sep 2022 18:38:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 216ms
72ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Sep 2022 14:52:13 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
age: 12872
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: JFK50-P4
x-amz-cf-id: iJGc0AtKXj-iFMfXqKpoydb5PrWuafEW_83qpZJ_G9U5yX7oaOD4EQ==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 241ms
82ms Script
application/javascript 18.189.125.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.125.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-125-221.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B5B7 6 KB
3 KB 66ms
65ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:40 GMT
expires: Fri, 15 Sep 2023 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 greenoaks.gif
www.sweepstake.com/detroitchicago/ 0
62 B 63ms
62ms Ping
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJkb21haW5faWQiOiIzMzYzMjciLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ1MzIifV19XQ==
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:45 GMT

POST
H2 204 army.gif
www.sweepstake.com/porpoiseant/ 0
16 B 62ms
60ms Ping
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MzE1Nzk2NDExMTY1ODEiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0IjoiZGl2LWdwdC1hZC1zd2VlcHN0YWtlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImMxNmZhYzA4ZTc5YTk3MTUyNGIxYzY4MzRmNWNhYWQzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjMxNTc5NjQxMTE2NTgxIiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidW5pdCI6ImRpdi1ncHQtYWQtc3dlZXBzdGFrZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjMyNjYzOTksInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMjgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDI4LCJiaWRfZmxvb3JfcHJldiI6MC4wMDU1LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MzE1Nzk2NDExMTY1ODEiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0IjoiZGl2LWdwdC1hZC1zd2VlcHN0YWtlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:45 GMT

POST
H2 204 army.gif
www.sweepstake.com/porpoiseant/ 0
62 B 62ms
60ms Ping
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wOS0xNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:44 GMT

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
39 B 62ms
61ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhdWN0aW9uX2Vwb2NoIjoxNjYzMjY2NDA0LCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImJpZF9mbG9vcl9pbml0aWFsIjo1NTAsImJpZF9mbG9vcl9wcmV2Ijo1NTAsImJpZF9mbG9vcl9maWxsZWQiOjI4MCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NzMzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6CF4 624 B
733 B 250ms
95ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COefRxCA_O0CGJfu98sBMAE&v=APEucNXhHm9i1nxALyoh-21QzcyinIxygWRFPONVrMrxO8rcUHgvFNCUWJGsDQWYVjYu48B4dnCCfKRkGR4QcfRrbrIoNNF7ew

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B5B7 81 KB
35 KB 272ms
119ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A387yqLF5ntbGZRk1ng4dg2_1kZ8L9P-GYAL7CE-lCvvq4ThWnvBl8b6OfGEU_uldUmY2mEFztMcuPIuhDgD_r5rQArQv9fL8fTNjvkBsN95QtFeNHHc41Qr5Q3HkD6K2b_yBQTByxBaxXEawdibCN2xq77dpKSrFra6IXfXblIkC_x-0&dbm_d=AKAmf-A8PG-vDLqasFS-tG2Y1aTpiN5YfvXYLDZmc38C5sQoMF6xVFdh9WNt8J2uiB5tOj3ReKGtU9pJ8lyRRKHmqsjqH3l0Iv5D-hozAeKBkSIIISWQwI14dywk-em5QEInSCT9h9yh4qMYCjYRlgOs93HzTKqhNBsO8kfS44P7LL55jEI2i6ulyfY5LRXLsgwpp505QzwbNjoEUwPcW5BIPjxCrWo-HjWQNFoH_kNwuzXi08mbh-TOhthvKaKJi1QYwLdESsoBJFXh8hmCEmIZ8J_mhHa84xgpL-0KM1Fz0RVz-73vWUO118N3NRApp_oE2CENNWIpjEc-LmuqwM4hwY44uEyh4nusMuERhJkrDOsy0dlQ17dzd_YzCHheK5mtNkabIPi4o_8NFjpUB0riAiLKZNUwybb_mugxAdH3P1DoY-0CMP9GERtzDuQ-EOExYEEbcf-h3kksGJ43COpakr3Zi7I79_0q0z0GTSjvEYf9K7im28eRKRpEeLmk3ejqo6_S4OIF0C0fR_4qR6KyPKREVOxb0rxgmJJP-d41RmeCVCACbgtfCssPLwsP-6igDzHAzX7kr3Z_OtyY7PgRotbrh-Vo2bAarvO83EyVoECoDtqXvblGz_ZyRr72tmO5c_oE33yl96-nBZnmSCenCQzOXIRc9pOFAfAFRP_HL1iYNH2k0YO1o3_GlHqqO0QKSkp7ChJ7zgK14XEYcm314Qg4CXVY9DNDsswC4f0zNEmq9-WisrP8dq6w9gc32pEFWZOXmFFaEeOFWgbkqK-X-5ppxyFHFFcyV9ysptZB5nV0T2V6Ip9NXSRWJLupSb-ibfLjrIsoLDDqmDWjEMExrmP-9gsv7u94Ka1hQ_aUZknYo4eO4GBPcIi_A33gfudKOs75VUDOEoqSYDUQzlLFsjQ4AYUWhomfOUCsZ7uTfP9P-k0iyRxyYBdqjUC1ZdSKolecu55kfrGtPdkmJxFL56WkyMfwhZwr_xaqG2dZ2Ng4mjAHq-17bMQx1Z8liepgPQ38u-bTu6wz8IcuamLDuKjLFbeuwRMZ3r99xRSs6er5B4AYknjko7vvBzU4jkrFsk7_3DSBgTelnwPflkU8IYkZqLVnfolcv6NGRiOkU99CNHcIUibRmrhkwcguw6E9Ji_LeTlFRQQ0n4Bq8l5nuRSMEsKatnI8cNtrK0jzKXYYtBJIl1cu95giBMMRE6s4nbWsnp8tau0GNzRNF7fe9F7Ssdpv069ACZ0axia5wRgauouYoaDdZxgT1slSxMV1VR_tcuxs-_zyCioHXXBe6mZ8fiTw-P8OvWVDyn_zmu-SNEM3QbmbjB-Ui2SsWrPlBDlJXCX5iAnKE3_c8QzHwdQ3EdCQ8OD7NfYiRCuYIsnDDU2cfP3qyX5ycRXiigmK1VRQtiiXcCMJNqVb_kavYYcqnfLNxrw7Yj6EvhLFqSZbWgLnvlgtnGmqWGhwlzY2Ihv0Outb4Bfo7_WTdJU93FnUUVfaf3MWNXZpWy_GuqmlzquWOJFI1M-PfW-ZrVkZbfWDaPWeyghwMFBVNf9CLcXm9Ev4M0vo2HjV-qFMiOOmBSTYemOHG_9jpBQ7GH60dMdR1T088jgKsMyz_687bvG8gdCQmFMTN0WsY2nYk_hAjMs6GsncsPsaX8vP2ArkdThOKr3DKzXWB5YDDoUcwHIg0vrwfpxeneIoi1jA2uEz8QyEYHdIe62NTjvHXL7yeEhXCFE1-FonqiczOLD0rpVA5T_mU4eeJcO2h9MylsUrneq5bWwncj-w7FfrUuPt9AjFPU8nqUaPoYxbltGn6ta6CPRkQVui1Ul9Ao5IpohNw_pefq8ZK084vFPx71I90pJ9CTCk0Ppk-dNKanK8ivexRWzn844CYLFUdsQzJwdPd8LzOMeLkWIy2aUrCMI5iUZV7aoR4LTC_yw6TUN1O2lY4Qs79kn1lrWbcAl8nqnK330az1bA_winbxFW5b09UmAIjNTgrSAALp8cAxn9NaSd6xp7DSRpRdALXK8kP1ZmEBfGDr2GD04uN5JK-Mo5tKxB17ptie4X7iZLYhigbkXSFOMbH_UgEsNlCj0ESxhAazRhZE4ci55B_Uk6_3JqyN2JLk4rKGkN_NAzSMNT_Jm4fBMSBF9aqBYdi423s4aWd_h6YK1PYzBxKBCexwTKU87T8sWNpG21I9yujV_Y2OMfJaHGOObIhZHReXc7L69ju8qGPi-e5kMTzk0LkxVkS6y_EPGYXYEZe2g_Qa-m1NdVwoLzzrXibZ1RV0H91ngD4D6a3YNW61nVzvYgvoT9K0NAmbkr4JqunvoKlhzt7_CGrYLZsyJWjESizHRXVAiN563gmOGWTTHhCVOI1h73eG-pCN4hhOBBMxKp07kwzGO8OOcMkqpI9sRAzWQGXWb58tf_ZcwKwrIQXcPzuZpYjy9_pDiCkkp9fOUskReJK6BpfgS5GWvBTS-aRTdRXmY38lqb9r4U0XN5xOWYGQTBLzP_xMS7E6hSN7l2EaLChsAXgFhD9sGMSLeIfz9zgKzDEDRhpbAoWMs8QiFaqS0QvUvpiuC1W3SzKVWr6lNozBqDT1uFY3YOJN-mYVroyVBMw1l_4En2xndVjGHnD0OyRcf2t0tiAzdvE3SflNwnpbFpTa4XQYcssavAUXI-F-p-yj8PodLhzmVaBcYo8QpnPz-K6dtvXwDtRNcBo4OZna841XKDuhFY3o2s-EzpHyy6hqFRZgcIIhfVHnmRTy9XtVcnKBYyujSND-VYcS75ixDvrksr15pbPC7Fp4zgXZKby0P4ng8uHiLlitF7LwxskG0ySMf2ctfyMn81eNLbq8ZPmFSnSV9grP2yFoxNYB3EnBqVzpIc8bzgvQHXD-M4xAGnbXxj5qPQ_9yDuceCE6agXOer2qi_clbvX0rA9t5i0Wlbn_tw0LQSeIin1GhETOJ4Dh-VHl5Nxb8RmiVOqK8YOC5oAc8NtJIddG2KdStmqYDmsRorvKp8Rr9XszU9wJvc17f16td6HQ3siYgAO0tuAu61bBhIjhFPLg_Lz9oBZigfp2Nlmd21JJ06Q74z899yufImC6lEl-cDFSJ1wLhzMrk032eToZp3J3bpy1haBQdl1snSFhbDXEodcPsT0pPluj3t9sheKvmhEdMAbnoSZ95Zb28TTO_Bdpu_Uz1HI40HTOnPsecjFA_aY2nG7C9fTlcGhMlTTvUwfRoC9U_TpxBGa5pusBIY4u4SP2LtHvsJYvxepAYZeA7I-y0AMdoiKKh8pSWku6eaYl8ZkQSdlduzy5qsPWSIV3HxU4c6ja8ISX1Rwyjd5DOfeXXJiP9xgF33hxRvckR4-PCXNDxd3BnML4ksefS5uLrEDKt7Jcv_njNg1qYiurNu0aSjdEpIScSUlx8xJYIATo3OSxKDr5tlAw&cid=CAASJeRoNThpKoH_giFEWMfJdyKaufszdnmB_wEQkxxGkEUzQOiZhW0&rfl=1%2Chttps%253A%252F%252Fwww.sweepstake.com%252F%240

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d387908b8496cf3b7e00d962f090fcf7345b7a0a0a94c4c48fa71c023ad39c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35733
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5B7 42 B
63 B 124ms
123ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAVczF2y1zQYkknoimXEr4coG3dw0RjhO62EDFwckBqjOvMU2UUQ39-iNA8EgzMXBXpnL5q8X5lmERIhIebifSZOIZf2mOHT6DiDwWi2RMtHxLLQw

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B5B7 3 KB
1 KB 67ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:21:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B5B7 17 KB
7 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:23:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B5B7 0
0 236ms
84ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8TQedwvBSMkTXpkV9W3p8vVyvFitDbDDZWQJvZRqGaDWNETjBnwtGLBtFtgxQIDIXkiHgkcQJzzxVMJjGROHQ7GM97w
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5B7 141 KB
44 KB 268ms
117ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:26:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 84ms
84ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
44 KB 815ms
815ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=565247169409720&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&adks=107121578&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=bvr%3D0%26ap%3D9999%26ezoic%3D1%26eb_br%3Dempty%26br1%3D5500%26ga%3D2497208%26iid1%3D7257474913133604%26tap%3Dsweepstake_com-pixel1-7257474913133604%26bra%3Dmod67-c%26ic%3D3%26lb%3D6000&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e%3AT%3D1663266400%3AS%3DALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266404359&lmt=1663266404&dlt=1663266399703&idt=543&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

620031f07d8deb5fdad2a48408cf283b0efdaa5bc0c6fe232ec48ab852255974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44852
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 466ms
154ms XHR
text/plain 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sweepstake.com
date: Thu, 15 Sep 2022 18:26:43 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 231ms
161ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8d9da4a13e73d9f963ec8345d4d246875708f363784d1656dfb365597acc6d3f

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: c006c74c057f5e1d7fc3dfb729b04864
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 237ms
155ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sweepstake.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.sweepstake.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 15 Sep 2022 18:26:44 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 6fc25d782bf2b4c9d2f9d69207ac8caf

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp&cc=1

85 B
103 B

131ms
82ms

Fetch
application/json

34.120.135.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp&cc=1
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 06185a715e63f15a760b26dcd886732546628582456551e2bf20331de8221619

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:44 GMT
via: 1.1 google
etag: W/"55-XVESeo8EG6PN2ZSyt0rKOBroRZs"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 15 Sep 2022 18:26:44 GMT
via: 1.1 google
access-control-allow-origin: https://www.sweepstake.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwww.sweepstake.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FCFC 15 KB
6 KB 180ms
59ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.sweepstake.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 1007614
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6CF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1

43 B
846 B

88ms
88ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COefRxCA_O0CGJfu98sBMAE&v=APEucNXhHm9i1nxALyoh-21QzcyinIxygWRFPONVrMrxO8rcUHgvFNCUWJGsDQWYVjYu48B4dnCCfKRkGR4QcfRrbrIoNNF7ew
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74b369966bce6dcd-MIA
pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNRyYQRALPlOmGYi2wi1YvWMse2eIBKLLFAb0%2BTGWT%2FNWG45bho4Av6BfNZhbFTP6gWuOf989HB%2F%2BYiul58P2eShuO52Hupivg93E6C8XqLKVlAD2txIkvAUw4p%2BjmTw0UBAAu2d%2Fn9yDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6CF4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyNuZJvWFqZ2R70ojLL7BwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1

43 B
842 B

103ms
103ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COefRxCA_O0CGJfu98sBMAE&v=APEucNXhHm9i1nxALyoh-21QzcyinIxygWRFPONVrMrxO8rcUHgvFNCUWJGsDQWYVjYu48B4dnCCfKRkGR4QcfRrbrIoNNF7ew
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74b369980eec6dcd-MIA
pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7BRgiTzMDgJwJRw60xNPERc%2BKPn5qlTPFZNnsiR2s71Nbq5WScULVB7wFt2pMKHj53xP8C4vKXkT0wK1ke5hnB3KufzsqWhjFoGfumj%2BizKv7jMAtfeoWRC%2BF9lydmQak%2BCsRdoZQsl6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUBntXYl75baT7phSy8Zuw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6CF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGe1ne22xcwv_4bG2C1aZ4g&google_cver=1

43 B
1014 B

95ms
79ms

Image
image/gif

68.67.179.87

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGe1ne22xcwv_4bG2C1aZ4g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COefRxCA_O0CGJfu98sBMAE&v=APEucNXhHm9i1nxALyoh-21QzcyinIxygWRFPONVrMrxO8rcUHgvFNCUWJGsDQWYVjYu48B4dnCCfKRkGR4QcfRrbrIoNNF7ew

Protocol

HTTP/1.1

Server

68.67.179.87 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 18:26:44 GMT
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2daa5359-26b6-43fa-be96-c3542476fe27
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGe1ne22xcwv_4bG2C1aZ4g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CF4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3ODAzNTM1ODc0NDA4NjQ%3D

170 B
188 B

83ms
78ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3ODAzNTM1ODc0NDA4NjQ%3D

Requested by

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 18:26:44 GMT
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57bd913d-bc49-4a65-8022-b0ce3ebe79d1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3ODAzNTM1ODc0NDA4NjQ%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1042606/63588122/ Frame B5B7 236 KB
70 KB 219ms
61ms Script
application/javascript 2600:1f18:1aca:4282:4cee:aa83:8a18:ee3

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1042606/63588122/skeleton.js?ias_dspID=3&ias_campId=28355840&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17161437572&bidurl=https://www.sweepstake.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h3TSDwxOCYG26yo7H1LNGP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A387yqLF5ntbGZRk1ng4dg2_1kZ8L9P-GYAL7CE-lCvvq4ThWnvBl8b6OfGEU_uldUmY2mEFztMcuPIuhDgD_r5rQArQv9fL8fTNjvkBsN95QtFeNHHc41Qr5Q3HkD6K2b_yBQTByxBaxXEawdibCN2xq77dpKSrFra6IXfXblIkC_x-0&dbm_d=AKAmf-A8PG-vDLqasFS-tG2Y1aTpiN5YfvXYLDZmc38C5sQoMF6xVFdh9WNt8J2uiB5tOj3ReKGtU9pJ8lyRRKHmqsjqH3l0Iv5D-hozAeKBkSIIISWQwI14dywk-em5QEInSCT9h9yh4qMYCjYRlgOs93HzTKqhNBsO8kfS44P7LL55jEI2i6ulyfY5LRXLsgwpp505QzwbNjoEUwPcW5BIPjxCrWo-HjWQNFoH_kNwuzXi08mbh-TOhthvKaKJi1QYwLdESsoBJFXh8hmCEmIZ8J_mhHa84xgpL-0KM1Fz0RVz-73vWUO118N3NRApp_oE2CENNWIpjEc-LmuqwM4hwY44uEyh4nusMuERhJkrDOsy0dlQ17dzd_YzCHheK5mtNkabIPi4o_8NFjpUB0riAiLKZNUwybb_mugxAdH3P1DoY-0CMP9GERtzDuQ-EOExYEEbcf-h3kksGJ43COpakr3Zi7I79_0q0z0GTSjvEYf9K7im28eRKRpEeLmk3ejqo6_S4OIF0C0fR_4qR6KyPKREVOxb0rxgmJJP-d41RmeCVCACbgtfCssPLwsP-6igDzHAzX7kr3Z_OtyY7PgRotbrh-Vo2bAarvO83EyVoECoDtqXvblGz_ZyRr72tmO5c_oE33yl96-nBZnmSCenCQzOXIRc9pOFAfAFRP_HL1iYNH2k0YO1o3_GlHqqO0QKSkp7ChJ7zgK14XEYcm314Qg4CXVY9DNDsswC4f0zNEmq9-WisrP8dq6w9gc32pEFWZOXmFFaEeOFWgbkqK-X-5ppxyFHFFcyV9ysptZB5nV0T2V6Ip9NXSRWJLupSb-ibfLjrIsoLDDqmDWjEMExrmP-9gsv7u94Ka1hQ_aUZknYo4eO4GBPcIi_A33gfudKOs75VUDOEoqSYDUQzlLFsjQ4AYUWhomfOUCsZ7uTfP9P-k0iyRxyYBdqjUC1ZdSKolecu55kfrGtPdkmJxFL56WkyMfwhZwr_xaqG2dZ2Ng4mjAHq-17bMQx1Z8liepgPQ38u-bTu6wz8IcuamLDuKjLFbeuwRMZ3r99xRSs6er5B4AYknjko7vvBzU4jkrFsk7_3DSBgTelnwPflkU8IYkZqLVnfolcv6NGRiOkU99CNHcIUibRmrhkwcguw6E9Ji_LeTlFRQQ0n4Bq8l5nuRSMEsKatnI8cNtrK0jzKXYYtBJIl1cu95giBMMRE6s4nbWsnp8tau0GNzRNF7fe9F7Ssdpv069ACZ0axia5wRgauouYoaDdZxgT1slSxMV1VR_tcuxs-_zyCioHXXBe6mZ8fiTw-P8OvWVDyn_zmu-SNEM3QbmbjB-Ui2SsWrPlBDlJXCX5iAnKE3_c8QzHwdQ3EdCQ8OD7NfYiRCuYIsnDDU2cfP3qyX5ycRXiigmK1VRQtiiXcCMJNqVb_kavYYcqnfLNxrw7Yj6EvhLFqSZbWgLnvlgtnGmqWGhwlzY2Ihv0Outb4Bfo7_WTdJU93FnUUVfaf3MWNXZpWy_GuqmlzquWOJFI1M-PfW-ZrVkZbfWDaPWeyghwMFBVNf9CLcXm9Ev4M0vo2HjV-qFMiOOmBSTYemOHG_9jpBQ7GH60dMdR1T088jgKsMyz_687bvG8gdCQmFMTN0WsY2nYk_hAjMs6GsncsPsaX8vP2ArkdThOKr3DKzXWB5YDDoUcwHIg0vrwfpxeneIoi1jA2uEz8QyEYHdIe62NTjvHXL7yeEhXCFE1-FonqiczOLD0rpVA5T_mU4eeJcO2h9MylsUrneq5bWwncj-w7FfrUuPt9AjFPU8nqUaPoYxbltGn6ta6CPRkQVui1Ul9Ao5IpohNw_pefq8ZK084vFPx71I90pJ9CTCk0Ppk-dNKanK8ivexRWzn844CYLFUdsQzJwdPd8LzOMeLkWIy2aUrCMI5iUZV7aoR4LTC_yw6TUN1O2lY4Qs79kn1lrWbcAl8nqnK330az1bA_winbxFW5b09UmAIjNTgrSAALp8cAxn9NaSd6xp7DSRpRdALXK8kP1ZmEBfGDr2GD04uN5JK-Mo5tKxB17ptie4X7iZLYhigbkXSFOMbH_UgEsNlCj0ESxhAazRhZE4ci55B_Uk6_3JqyN2JLk4rKGkN_NAzSMNT_Jm4fBMSBF9aqBYdi423s4aWd_h6YK1PYzBxKBCexwTKU87T8sWNpG21I9yujV_Y2OMfJaHGOObIhZHReXc7L69ju8qGPi-e5kMTzk0LkxVkS6y_EPGYXYEZe2g_Qa-m1NdVwoLzzrXibZ1RV0H91ngD4D6a3YNW61nVzvYgvoT9K0NAmbkr4JqunvoKlhzt7_CGrYLZsyJWjESizHRXVAiN563gmOGWTTHhCVOI1h73eG-pCN4hhOBBMxKp07kwzGO8OOcMkqpI9sRAzWQGXWb58tf_ZcwKwrIQXcPzuZpYjy9_pDiCkkp9fOUskReJK6BpfgS5GWvBTS-aRTdRXmY38lqb9r4U0XN5xOWYGQTBLzP_xMS7E6hSN7l2EaLChsAXgFhD9sGMSLeIfz9zgKzDEDRhpbAoWMs8QiFaqS0QvUvpiuC1W3SzKVWr6lNozBqDT1uFY3YOJN-mYVroyVBMw1l_4En2xndVjGHnD0OyRcf2t0tiAzdvE3SflNwnpbFpTa4XQYcssavAUXI-F-p-yj8PodLhzmVaBcYo8QpnPz-K6dtvXwDtRNcBo4OZna841XKDuhFY3o2s-EzpHyy6hqFRZgcIIhfVHnmRTy9XtVcnKBYyujSND-VYcS75ixDvrksr15pbPC7Fp4zgXZKby0P4ng8uHiLlitF7LwxskG0ySMf2ctfyMn81eNLbq8ZPmFSnSV9grP2yFoxNYB3EnBqVzpIc8bzgvQHXD-M4xAGnbXxj5qPQ_9yDuceCE6agXOer2qi_clbvX0rA9t5i0Wlbn_tw0LQSeIin1GhETOJ4Dh-VHl5Nxb8RmiVOqK8YOC5oAc8NtJIddG2KdStmqYDmsRorvKp8Rr9XszU9wJvc17f16td6HQ3siYgAO0tuAu61bBhIjhFPLg_Lz9oBZigfp2Nlmd21JJ06Q74z899yufImC6lEl-cDFSJ1wLhzMrk032eToZp3J3bpy1haBQdl1snSFhbDXEodcPsT0pPluj3t9sheKvmhEdMAbnoSZ95Zb28TTO_Bdpu_Uz1HI40HTOnPsecjFA_aY2nG7C9fTlcGhMlTTvUwfRoC9U_TpxBGa5pusBIY4u4SP2LtHvsJYvxepAYZeA7I-y0AMdoiKKh8pSWku6eaYl8ZkQSdlduzy5qsPWSIV3HxU4c6ja8ISX1Rwyjd5DOfeXXJiP9xgF33hxRvckR4-PCXNDxd3BnML4ksefS5uLrEDKt7Jcv_njNg1qYiurNu0aSjdEpIScSUlx8xJYIATo3OSxKDr5tlAw&cid=CAASJeRoNThpKoH_giFEWMfJdyKaufszdnmB_wEQkxxGkEUzQOiZhW0&rfl=1%2Chttps%253A%252F%252Fwww.sweepstake.com%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:4cee:aa83:8a18:ee3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5129a47917f4f4ba7de143e4daa8ee37bba99ee3b886f998f198aecb8c07ff1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame B5B7 30 KB
11 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A387yqLF5ntbGZRk1ng4dg2_1kZ8L9P-GYAL7CE-lCvvq4ThWnvBl8b6OfGEU_uldUmY2mEFztMcuPIuhDgD_r5rQArQv9fL8fTNjvkBsN95QtFeNHHc41Qr5Q3HkD6K2b_yBQTByxBaxXEawdibCN2xq77dpKSrFra6IXfXblIkC_x-0&dbm_d=AKAmf-A8PG-vDLqasFS-tG2Y1aTpiN5YfvXYLDZmc38C5sQoMF6xVFdh9WNt8J2uiB5tOj3ReKGtU9pJ8lyRRKHmqsjqH3l0Iv5D-hozAeKBkSIIISWQwI14dywk-em5QEInSCT9h9yh4qMYCjYRlgOs93HzTKqhNBsO8kfS44P7LL55jEI2i6ulyfY5LRXLsgwpp505QzwbNjoEUwPcW5BIPjxCrWo-HjWQNFoH_kNwuzXi08mbh-TOhthvKaKJi1QYwLdESsoBJFXh8hmCEmIZ8J_mhHa84xgpL-0KM1Fz0RVz-73vWUO118N3NRApp_oE2CENNWIpjEc-LmuqwM4hwY44uEyh4nusMuERhJkrDOsy0dlQ17dzd_YzCHheK5mtNkabIPi4o_8NFjpUB0riAiLKZNUwybb_mugxAdH3P1DoY-0CMP9GERtzDuQ-EOExYEEbcf-h3kksGJ43COpakr3Zi7I79_0q0z0GTSjvEYf9K7im28eRKRpEeLmk3ejqo6_S4OIF0C0fR_4qR6KyPKREVOxb0rxgmJJP-d41RmeCVCACbgtfCssPLwsP-6igDzHAzX7kr3Z_OtyY7PgRotbrh-Vo2bAarvO83EyVoECoDtqXvblGz_ZyRr72tmO5c_oE33yl96-nBZnmSCenCQzOXIRc9pOFAfAFRP_HL1iYNH2k0YO1o3_GlHqqO0QKSkp7ChJ7zgK14XEYcm314Qg4CXVY9DNDsswC4f0zNEmq9-WisrP8dq6w9gc32pEFWZOXmFFaEeOFWgbkqK-X-5ppxyFHFFcyV9ysptZB5nV0T2V6Ip9NXSRWJLupSb-ibfLjrIsoLDDqmDWjEMExrmP-9gsv7u94Ka1hQ_aUZknYo4eO4GBPcIi_A33gfudKOs75VUDOEoqSYDUQzlLFsjQ4AYUWhomfOUCsZ7uTfP9P-k0iyRxyYBdqjUC1ZdSKolecu55kfrGtPdkmJxFL56WkyMfwhZwr_xaqG2dZ2Ng4mjAHq-17bMQx1Z8liepgPQ38u-bTu6wz8IcuamLDuKjLFbeuwRMZ3r99xRSs6er5B4AYknjko7vvBzU4jkrFsk7_3DSBgTelnwPflkU8IYkZqLVnfolcv6NGRiOkU99CNHcIUibRmrhkwcguw6E9Ji_LeTlFRQQ0n4Bq8l5nuRSMEsKatnI8cNtrK0jzKXYYtBJIl1cu95giBMMRE6s4nbWsnp8tau0GNzRNF7fe9F7Ssdpv069ACZ0axia5wRgauouYoaDdZxgT1slSxMV1VR_tcuxs-_zyCioHXXBe6mZ8fiTw-P8OvWVDyn_zmu-SNEM3QbmbjB-Ui2SsWrPlBDlJXCX5iAnKE3_c8QzHwdQ3EdCQ8OD7NfYiRCuYIsnDDU2cfP3qyX5ycRXiigmK1VRQtiiXcCMJNqVb_kavYYcqnfLNxrw7Yj6EvhLFqSZbWgLnvlgtnGmqWGhwlzY2Ihv0Outb4Bfo7_WTdJU93FnUUVfaf3MWNXZpWy_GuqmlzquWOJFI1M-PfW-ZrVkZbfWDaPWeyghwMFBVNf9CLcXm9Ev4M0vo2HjV-qFMiOOmBSTYemOHG_9jpBQ7GH60dMdR1T088jgKsMyz_687bvG8gdCQmFMTN0WsY2nYk_hAjMs6GsncsPsaX8vP2ArkdThOKr3DKzXWB5YDDoUcwHIg0vrwfpxeneIoi1jA2uEz8QyEYHdIe62NTjvHXL7yeEhXCFE1-FonqiczOLD0rpVA5T_mU4eeJcO2h9MylsUrneq5bWwncj-w7FfrUuPt9AjFPU8nqUaPoYxbltGn6ta6CPRkQVui1Ul9Ao5IpohNw_pefq8ZK084vFPx71I90pJ9CTCk0Ppk-dNKanK8ivexRWzn844CYLFUdsQzJwdPd8LzOMeLkWIy2aUrCMI5iUZV7aoR4LTC_yw6TUN1O2lY4Qs79kn1lrWbcAl8nqnK330az1bA_winbxFW5b09UmAIjNTgrSAALp8cAxn9NaSd6xp7DSRpRdALXK8kP1ZmEBfGDr2GD04uN5JK-Mo5tKxB17ptie4X7iZLYhigbkXSFOMbH_UgEsNlCj0ESxhAazRhZE4ci55B_Uk6_3JqyN2JLk4rKGkN_NAzSMNT_Jm4fBMSBF9aqBYdi423s4aWd_h6YK1PYzBxKBCexwTKU87T8sWNpG21I9yujV_Y2OMfJaHGOObIhZHReXc7L69ju8qGPi-e5kMTzk0LkxVkS6y_EPGYXYEZe2g_Qa-m1NdVwoLzzrXibZ1RV0H91ngD4D6a3YNW61nVzvYgvoT9K0NAmbkr4JqunvoKlhzt7_CGrYLZsyJWjESizHRXVAiN563gmOGWTTHhCVOI1h73eG-pCN4hhOBBMxKp07kwzGO8OOcMkqpI9sRAzWQGXWb58tf_ZcwKwrIQXcPzuZpYjy9_pDiCkkp9fOUskReJK6BpfgS5GWvBTS-aRTdRXmY38lqb9r4U0XN5xOWYGQTBLzP_xMS7E6hSN7l2EaLChsAXgFhD9sGMSLeIfz9zgKzDEDRhpbAoWMs8QiFaqS0QvUvpiuC1W3SzKVWr6lNozBqDT1uFY3YOJN-mYVroyVBMw1l_4En2xndVjGHnD0OyRcf2t0tiAzdvE3SflNwnpbFpTa4XQYcssavAUXI-F-p-yj8PodLhzmVaBcYo8QpnPz-K6dtvXwDtRNcBo4OZna841XKDuhFY3o2s-EzpHyy6hqFRZgcIIhfVHnmRTy9XtVcnKBYyujSND-VYcS75ixDvrksr15pbPC7Fp4zgXZKby0P4ng8uHiLlitF7LwxskG0ySMf2ctfyMn81eNLbq8ZPmFSnSV9grP2yFoxNYB3EnBqVzpIc8bzgvQHXD-M4xAGnbXxj5qPQ_9yDuceCE6agXOer2qi_clbvX0rA9t5i0Wlbn_tw0LQSeIin1GhETOJ4Dh-VHl5Nxb8RmiVOqK8YOC5oAc8NtJIddG2KdStmqYDmsRorvKp8Rr9XszU9wJvc17f16td6HQ3siYgAO0tuAu61bBhIjhFPLg_Lz9oBZigfp2Nlmd21JJ06Q74z899yufImC6lEl-cDFSJ1wLhzMrk032eToZp3J3bpy1haBQdl1snSFhbDXEodcPsT0pPluj3t9sheKvmhEdMAbnoSZ95Zb28TTO_Bdpu_Uz1HI40HTOnPsecjFA_aY2nG7C9fTlcGhMlTTvUwfRoC9U_TpxBGa5pusBIY4u4SP2LtHvsJYvxepAYZeA7I-y0AMdoiKKh8pSWku6eaYl8ZkQSdlduzy5qsPWSIV3HxU4c6ja8ISX1Rwyjd5DOfeXXJiP9xgF33hxRvckR4-PCXNDxd3BnML4ksefS5uLrEDKt7Jcv_njNg1qYiurNu0aSjdEpIScSUlx8xJYIATo3OSxKDr5tlAw&cid=CAASJeRoNThpKoH_giFEWMfJdyKaufszdnmB_wEQkxxGkEUzQOiZhW0&rfl=1%2Chttps%253A%252F%252Fwww.sweepstake.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11716
x-xss-protection: 0
server: cafe
etag: 11026421231030424798
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:21:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame B5B7 8 KB
3 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:17:35 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B5B7 0
613 B 264ms
119ms Ping
image/gif 142.250.65.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvm98mi4V20kz-Q6pQqsNb_FQjBgueBj7dL-eGIIRE_kBLVCr4-Pp2EgqER2qoPRmTPNLTiuhZIScUhKHKbLY7qWf7_r2GxKoeR5mxK3YnNaxEia_zNCDr-LOt0UVlYe0uPY0AQxf7uN0HbgwZxcZAnxZRDT0hb4XJr0aoC5PHTVYwTcxj9-FEMxNcU_X42awUChVJ5mC2ZejhgFSihNNaa09zKXKzC1OVjg38UkPJwKmMt4s_uPNso6WolJBChutvum4CN5wLWkA4YJ3uSb9yaZTp2FoRgGq3K2RrL4V7wUYb43AvB2l2bsVeaUh0vUtwD7q8G862-eUoeRcUaIY8vI-OGfu64nosEW4YHAVsBQ_-OteGqyKZz5kDE65G9QmH_zZ1lizE_7B9tVqXXIaNcZxXnog3cEn5ecXzTT126I_YUJsPm8CPKAr8CR661lYB-QaKe-16m-vLo3GUcl79hMlzWLpIiFywcwV4lDUKsuPYOnQXvZJER-Z0O9pqn1FF6P-TS-0IZi8jUhv_tR8xZoyGdyHON47NZgdVR39U_FdsO108ua8fqWoaJw8CorPdgLu7yPzSbSNLn-DMgm0vTfoyijoL2S5NuXIGKQQWvgKJp3GLaBQNu_ksuWJ6n8aM_QRxKYjDkLm53EebMubgFPoxXZEZAX5zjAL52L_Son4kjuav4L666280z9kEiNqIXeCGxqDU4ApzVk8ZnPnJq7F1mjTqjnFsRMIjhPBcdrbIEFcP40U1tW-W_a-v9mwrdLo9ahNo-TH2Euyq27adU5xrwNCce3sbP3XsOnNc85aA_CZqmZWxBjArUQR6NHWtnFEfy4G42CtXE_OCAYNFUIE5aVZ0b8eWe_tYhKm_zuwon9VbPeXR0k7hd7J4jrdegVqv64-Z6yCzbbnWfvJeIxUoKEaGjpoZnkAhDNSDOQ5PWNnC52LJkweHhu2lJmRPuISW7qMBhSjmICw-uA_jRYfnw3HOg6Aoog9M-zN9yCIJOsxhxOyC-6IXptco5Ki3nyYv8gB3VFQ2rrDKyaXFNV0PxsxWJ-4qoDRtd3pM-LpzwqF-gGwczpehrfsFSytiO5RmDBv5jDcwG7C4V3Oe3ayGbX2U4__fsqQu7Zdu_52pMf1yAUDTGbd23d4ObTnpVKgVRqAJuAJU8BVym9bEj_F40KXlfjcfYCB6UTlEOpJ3_BmUoZbLlLdzkcp1drG4Ew2aZwxX3hUEK-p8C3HQWVwue2VfbzmTdq85F8m2lcVXJGXxhAXtK2fx7F7YM6U8_O0sIEWp450wBUC8SU0Eo-7aN&sai=AMfl-YQMlmJ-mNMQ0Fj5W4JwbWtiVvLszzJbZ9kKdwWbRIvrXW-Xjip3LVNUclmRoS_50DtsPg52_3sTJ_omMBMpJ2qktamF14W5KLMQmLO2GcPYT1DHfwLh2FfxuzWkP9b6vWcoZZpB1uQxl2eC7tgHtwdgRfk9azal1YkmadLF5CnLQupoa55U24Ty2qbl-RgKCk14QzmSYa6WEmUC5WkeqsBz&sig=Cg0ArKJSzOWD5Xi0uFG3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220912.59556&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 15 Sep 2022 18:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B5B7 41 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 15:29:31 GMT

GET
H2 200 17746675369233589474
s0.2mdn.net/simgad/ Frame B5B7 45 KB
46 KB 219ms
66ms Image
image/jpeg 2607:f8b0:4006:808::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17746675369233589474

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b464b966f2d6d73707c389a7d6f5688d9be181b755fcd173ce77ac8703ac573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 01:00:17 GMT
x-content-type-options: nosniff
age: 321987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46392
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 23:06:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 01:00:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FCFC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sweepstake.com&sn=ChromeSyncframe&so=0&topUrl=www.sweepstake.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=m1sLtnxIQlJWOGlCa01mQ0xQVzIzcWJrY3FMVlE4azk3elFEa1RkLzZsOTF3dHF4ejdTVENYQldDSEt4NkU0L3BrT3FhOTZCZFBYeEwvY0o0UG1nNGFYb0JMTWNQNWE4dmFuQzhoT0M5ajJhcjF1UE01MU4zbGNTSFZZWE...

428 B
656 B

429ms
56ms

Fetch
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=m1sLtnxIQlJWOGlCa01mQ0xQVzIzcWJrY3FMVlE4azk3elFEa1RkLzZsOTF3dHF4ejdTVENYQldDSEt4NkU0L3BrT3FhOTZCZFBYeEwvY0o0UG1nNGFYb0JMTWNQNWE4dmFuQzhoT0M5ajJhcjF1UE01MU4zbGNTSFZZWEM0L3k0WW5Tc0pTNlVnUUxZYzVNUFh1d0k5WUY1TlAycmNUeXdmbUJObEdHSVFrL09xK1lYcHhlR1dqTmpoaTB1WENCZDgwMGtIM3l6MkJpeEU1OWRkT1NYQjBMN1d6eG1KSDZMQ2tueDRLT0hlSnUyT0w0bGRGZmFhNGovN2dKbDUwdGNJWmVhNFl5ejVkVU1aZGdVOG1UdVpyODlsZz09fA&cppv=2

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

2fcc0e4b73a6ee76961c7dd2a779a94f507f44cd00a070153087550dbe03650e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1299434
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=m1sLtnxIQlJWOGlCa01mQ0xQVzIzcWJrY3FMVlE4azk3elFEa1RkLzZsOTF3dHF4ejdTVENYQldDSEt4NkU0L3BrT3FhOTZCZFBYeEwvY0o0UG1nNGFYb0JMTWNQNWE4dmFuQzhoT0M5ajJhcjF1UE01MU4zbGNTSFZZWEM0L3k0WW5Tc0pTNlVnUUxZYzVNUFh1d0k5WUY1TlAycmNUeXdmbUJObEdHSVFrL09xK1lYcHhlR1dqTmpoaTB1WENCZDgwMGtIM3l6MkJpeEU1OWRkT1NYQjBMN1d6eG1KSDZMQ2tueDRLT0hlSnUyT0w0bGRGZmFhNGovN2dKbDUwdGNJWmVhNFl5ejVkVU1aZGdVOG1UdVpyODlsZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 694686
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame DC20 623 B
836 B 143ms
66ms Document
text/html 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: e46ca91df4905600874c945e5098e57400893b66410ecddf73b9c153a887c141

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 410
content-type: text/html
date: Thu, 15 Sep 2022 18:26:44 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 275 B
498 B 201ms
59ms XHR
application/json 52.1.231.196

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.231.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73d8828126ae3435ffef589ef431c970da716ddfd04f6fc3bcdbbf0d1f54b4f0

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 275
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 231 B
462 B 317ms
178ms XHR
application/json 52.1.231.196

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.231.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7464f1d4187b92f844e6d0ceb8e3b276951d93768eb3e900d8c01ca17ac317d8

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 231
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
6 KB 543ms
151ms XHR
application/json 52.4.33.45

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidquantcast.com=P0-1747333000-1663266400381&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 632891d966ce3fa516a9678479cd3a8920562a037a85d0ceb9b91c6703c83e90

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
access-control-allow-credentials: true
content-length: 5500

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
463 B 490ms
99ms XHR
application/json 52.4.33.45

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e22111e7a80180&cmd=bid&eidquantcast.com=P0-1747333000-1663266400381&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: ecf66798705d3e1f9b94061c1e3415f3d5984162a10425a1eed388dc12f75b6e

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 494ms
103ms XHR
application/json 52.4.33.45

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221123b5701a7&cmd=bid&eidquantcast.com=P0-1747333000-1663266400381&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 99878ce4720eeb0689cefe9827989fd2bcdb6b73a6c0219a6eff89c120df9948

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
260 B 489ms
99ms XHR
application/json 52.4.33.45

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211210620194&cmd=bid&eidquantcast.com=P0-1747333000-1663266400381&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 80b170aecdaa359a77ca306e13ac66fe0a5f06b344fc9c5b5d7dc480728cb15b

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sweepstake.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 449ms
84ms XHR
text/plain 104.36.115.111

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sweepstake.com
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 460ms
77ms XHR
application/json 51.222.39.185

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK v1 Show response
btlr.sharethrough.com/universal/ 753 B
1014 B 527ms
146ms XHR
application/json 54.204.127.33

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.127.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f28c9c3b9273c15b5980d361385e2a46ae45b52e34741a904b217f8ce31e2b23

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-openrtb-version: 2.5
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sweepstake.com
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 471

POST
H/1.1 200
OK v1 Show response
btlr.sharethrough.com/universal/ 739 B
994 B 553ms
173ms XHR
application/json 54.204.127.33

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.127.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96eeb7b3bfd663979ec03eded7bf0e1685b35e538bf01e8aceaad2434a7409a1

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-openrtb-version: 2.5
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sweepstake.com
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 451

POST
H/1.1 200
OK v1 Show response
btlr.sharethrough.com/universal/ 683 B
1 KB 535ms
155ms XHR
application/json 54.204.127.33

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.127.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d23334081a13bc243633884a4cea142392a43fb36c253376ad40b8980f695a

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-openrtb-version: 2.5
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sweepstake.com
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 482

POST
H/1.1 200
OK v1 Show response
btlr.sharethrough.com/universal/ 525 B
912 B 509ms
132ms XHR
application/json 54.204.127.33

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.127.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b37c8261a67d8e8220d5c7133b8eefacd9fb1999898e2f1739e77eb55c40497d

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-openrtb-version: 2.5
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sweepstake.com
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 369

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
190 B 996ms
619ms XHR
text/plain 198.148.27.134

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,nobid,onemobile,onetag,pubmatic,pulsepoint,sharethrough&cb=195-0-45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.134 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sweepstake.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sweepstake.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 552
x-no-bid-reason: Passback by decision
date: Thu, 15 Sep 2022 18:26:45 GMT
server: envoy

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31B4 1 KB
749 B 66ms
65ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 17:45:23 GMT
etag: 48472445140208031
expires: Fri, 16 Sep 2022 17:45:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 823E 22 KB
8 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 261680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 17:45:24 GMT
expires: Tue, 12 Sep 2023 17:45:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B5B7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523fa52031decb1568842a3ad41322003ec19b496ad850b19f45123c798336ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame DC20 0
177 B 304ms
34ms Image
text/plain 151.101.2.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663266405.174729,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-mia11363-MIA

GET
H2 200 7ebe5094-baec-e8bf-f9c7-c5d4dbf77bf1
pr-bh.ybp.yahoo.com/sync/openx/ Frame DC20 43 B
602 B 332ms
65ms Image
image/gif 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7ebe5094-baec-e8bf-f9c7-c5d4dbf77bf1?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DC20
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=84563276-a2b1-45b0-b827-2c716f93cb51&ttd_puid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0&gdpr_consent=

43 B
62 B

98ms
52ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=84563276-a2b1-45b0-b827-2c716f93cb51&ttd_puid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=84563276-a2b1-45b0-b827-2c716f93cb51&ttd_puid=ea7936d0-2a40-7af6-c810-d32124a0b6b8&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DC20 170 B
188 B 207ms
81ms Image
image/png 142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzYxNmU1MWEtZTMzNy0yNDUyLWRkZjAtODk5OGVlNDI3OGQ4

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DC20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM50NlYvya1OH0f-DPynbvs&google_cver=1

43 B
180 B

55ms
53ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM50NlYvya1OH0f-DPynbvs&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM50NlYvya1OH0f-DPynbvs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 31B4 35 B
362 B 67ms
63ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEByVsVnjQzWhtCIz2zN5A7Q&google_cver=1&google_push=AZmPxg8qEPEj-Do-u9oZpBgbgJCG4t7l8wFooBuxtUJZqH02_2QEFce7_vBabPj-vd5ZArcPLVUtibn9tUzl9rVVgloBXXDA_-ePRLGxo5teanMHtpkICvm4s9krAQwtIvZ1quVpbk9V_NAbNx2uVCWXjA

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_cver=1&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3cbca9ba4cc51852&is_secure=true&networkId=14000&version=1&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_cver=1&google_push=AZmPxg_8e_tP...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHEnyXSq2RZQMvpp3IAAAAAAA&expiration=1663352805&google_cver=1&is_secure=true&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2...

170 B
188 B

82ms
80ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHEnyXSq2RZQMvpp3IAAAAAAA&expiration=1663352805&google_cver=1&is_secure=true&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91zDgxJWp99Mrlf-ZViA-e5fjjHIrnwyT_g4LizS-8nkJMenbypTmwkRT3KFoOg8xAXlC1PS7_8VKzsS2VAbvoPU4F6kuonx0ZJHbc

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHEnyXSq2RZQMvpp3IAAAAAAA&expiration=1663352805&google_cver=1&is_secure=true&google_gid=CAESEC4WX3HA15gAu_NxQ0jA2n0&google_push=AZmPxg_8e_tPALCMPse1wPRXjuRYpZljdlAghJ7zBqiOhG7XVU3FO91zDgxJWp99Mrlf-ZViA-e5fjjHIrnwyT_g4LizS-8nkJMenbypTmwkRT3KFoOg8xAXlC1PS7_8VKzsS2VAbvoPU4F6kuonx0ZJHbc
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B4
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEA3bc1f1YOuzkYnAfKminBE&google_cver=1&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL1oRW7nxmRW8MMMq4QR5-6PxD4RK...

170 B
188 B

79ms
79ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL1oRW7nxmRW8MMMq4QR5-6PxD4RKQ7gH655eqLpLyltzZvG24oSHx5Aw&google_hm=UjFENTMwX0Y2NDI5NTRDXzcwMzNGOUFG

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg_YIDgYUXpxe1ZuCIfK_SXDxq0nFKVJv7MmK54GZe0bUy9uFrLzX6q0iBUenv7L2WpFBo1c_dDuUwdZpYXai3SAVTV6sMnL1oRW7nxmRW8MMMq4QR5-6PxD4RKQ7gH655eqLpLyltzZvG24oSHx5Aw&google_hm=UjFENTMwX0Y2NDI5NTRDXzcwMzNGOUFG
Date: Thu, 15 Sep 2022 18:26:44 GMT
Cache-Control: private
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 393
Strict-Transport-Security: max-age=-346253205; includeSubDomains
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B4
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEBp40Tp_N2m6VLoey84lHx0&google_cver=1&google_push=AZmPxg8UlY18nf3MvXXV-AvB9mS6FuBDLadzAtzFalNJIgGDKiw78cHwP6SYHcPQw8qgC0g6mRNrHL6d25hev99ZND1OR26qTJmmGS0-...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

170 B
188 B

81ms
81ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==
date: Thu, 15 Sep 2022 18:26:45 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve...
https://sync.targeting.unrulymedia.com/csync/RX-01793fac-0e35-46f5-918a-db25ba9bc556-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_n68T26e1wdcOnQm-Lz...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_q...

170 B
188 B

81ms
80ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8&google_hm=BQF5P6wONUb1kYrbJbqbxVY

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_n68T26e1wdcOnQm-LzOMVUWbQi4G7ks0uR-MrEu3EBY43rfTJu6vzqogx8ZvU-9eKJaNu4jMnIKCA2YDzGEQf3J-xBowulEX6HGdKkZLHHioPaRBeKXzJZXNG2Ve7Y-_qhpfaS6i1DjVxbfa2DS8&google_hm=BQF5P6wONUb1kYrbJbqbxVY
Date: Thu, 15 Sep 2022 18:26:45 GMT
Connection: keep-alive
Content-Type: text/html
ETag: RX01793fac0e3546f5918adb25ba9bc556005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B4
Redirect Chain

https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEM_OXdjdQa0sKc8qGPWdErw&google_cver=1&google_push=AZmPxg-UZ2lDCMARp1VY03jSosF44AwfgJpManvlKSJHs5WGZt0ra1vDrvnJIPhsL_dVOX8eHTgE1TVF58mdRS_rVnnc6...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTM1MTE2NjMyNjY0MDUyMDE0NzdhMw%3D%3D&b6...
https://cs.emxdgt.com/umcheck?apnxid=71780353587440864&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJs...
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==

170 B
188 B

82ms
79ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM1MTE2NjMyNjY0MDUyMDE0NzdhMw==
date: Thu, 15 Sep 2022 18:26:44 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

/
b1sync.zemanta.com/usersync/googleadx/ Frame 31B4
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIqDFPRh6zCqr-CV28A6kZQ&google_cver=1&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7yku...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIqDFPRh6zCqr-CV28A6kZQ&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7yku...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9bpHbfiAHA8_Yf5K2-j949oTA4GlUNXYW8cKBzIjIJ4-HtQZDuqDygDPVHUvSC0sp8S3BiUJ0rN7ykuwNTll8ohhF_w_TT8Hff6MTUwzhRWxbAGOoVpl9ocRzk4KX...
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

26 B
127 B

65ms
64ms

Image
image/gif

64.202.112.63

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 64.202.112.63 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 18:26:45 GMT
Content-Length: 26
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31B4 0
12 B 204ms
82ms Image
text/html 142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXY5OETKVO7x1jYr3igl_jRNhfELGYtYYw-Iubztewk-elD3tMnj3HC-Vd-VGtj91vQ6BswY0

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js Show response
pagead2.googlesyndication.com/bg/ Frame 823E 36 KB
16 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 05:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 05:52:15 GMT

GET

SPug
image4.pubmatic.com/AdServer/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjEyOTQ2Q0MtNDZGOS00MjgyLUJDRDAtRUZCNTIxQTE3QUM5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F399%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Df4a97b0c-26e8-4f62-bf60-3d819e05a3...

0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B5B7 0
26 B 213ms
86ms Ping
image/gif 142.250.65.194

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B5B7
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1042606/63588122/4.js?ias_dspID=3&ias_campId=28355840&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17161437572&bidurl=https://www.sweepstake.com...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

200ms
97ms

Script
application/javascript

2600:9000:21dd:6c00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:21dd:6c00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:30:47 GMT
content-encoding: gzip
age: 269759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Sep 2022 15:30:27 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: 3XSF7PVxprOH5CcOf2Zt0hyjiL5I.3gC
via: 1.1 dd50f5bdd8da1cdd9e698cc2d6f8e828.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: q8AoBhKhZ2GbqrI50qt6oVnrnh2pGfYfCh2ksBTyyJZqzYpEX8tCPw==

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-server-name: app03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 37C9 80 KB
21 KB 258ms
76ms Script
application/javascript 2600:9000:21dd:6c00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6c00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 06:50:21 GMT
content-encoding: gzip
age: 7990585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 dd50f5bdd8da1cdd9e698cc2d6f8e828.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: -ox5bCqUaOpZ0rBHaqsQxQpRxPvTpiNnH8-uEFZa-S4Qk5WWNHFZuQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B5B7 43 B
215 B 366ms
118ms Image
image/gif 2600:1f13:800:7780:8036:fe64:f036:acd6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1042606&asId=bd3cfb09-261a-2e84-b7df-a04bfbf18731&tv=%7Bc:ojdHPm,pingTime:-3,time:52,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:20%7D,%7Bpiv:0,vs:o,r:l,t:51%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:52,n:50,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~728.90%5D%7D%7D,%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thwQkAE+11%7C12%7C13*.1042606-63588122%7C131%7C132%7C133%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:21%7D&br=c
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8036:fe64:f036:acd6 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B5B7 43 B
216 B 359ms
115ms Image
image/gif 2600:1f13:800:7780:8036:fe64:f036:acd6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1042606&asId=bd3cfb09-261a-2e84-b7df-a04bfbf18731&tv=%7Bc:ojdHPn,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:50,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~728.90%5D%7D%7D,%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thwQkAE+11%7C12%7C13*.1042606-63588122%7C131%7C132%7C133%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:21%7D&tpiLookup=ao:www.sweepstake.com*&br=c
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8036:fe64:f036:acd6 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B5B7 43 B
215 B 357ms
117ms Image
image/gif 2600:1f13:800:7780:8036:fe64:f036:acd6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1042606&asId=bd3cfb09-261a-2e84-b7df-a04bfbf18731&tv=%7Bc:ojdHPv,pingTime:-2,time:61,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:788,beZ:789,mfA:791,cmA:792,inA:793,inZ:797,prA:797,prZ:802,si:809,poA:810,poZ:836,cmZ:836,mfZ:836,loA:841,loZ:844,ltA:848,ltZ:849%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:20%7D,%7Bpiv:0,vs:o,r:l,t:51%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:61,n:50,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~728.90%5D%7D%7D,%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thwQkAE+11%7C12%7C13*.1042606-63588122%7C131%7C132%7C133%7C14%7C15,idMap:13*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sinceFw:39,readyFired:true%7D&br=c
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8036:fe64:f036:acd6 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
86ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 918 B
426 B 610ms
610ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=990780215067671&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=10&adks=407620194&sfv=1-0-38&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D1219289573162759%26eid%3D1219289573162759%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsweepstake_com-box-2-1219289573162759%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D280%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3430%2C3458%2C3460%2C3683%2C3676%2C14%2C15%2C16%2C2310%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C10%2C11%2C12%2C13%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%26lb%3D400%26reqt%3D1663266404099&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e%3AT%3D1663266400%3AS%3DALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266405109&lmt=1663266405&dlt=1663266399703&idt=543&adxs=315&adys=142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x90&msz=970x90&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YlfGck7QwSABSAghvEhkKCnB1YmNpZC5vcmcYm_Kck7QwSABSAghqEsIBCghydGJob3VzZRKsAWtlMzh4MzZ1TVM2eUx6S1JDc0VhWDdTRk1zZXUveTRvTmhBcVlpcVBHbm9BdG1iNEJUNWNENkRKcGU1NW5QVjY5QVB1K3N0b21LRVl4a1FiZzRZSFhpTW9zWkpRVzlFMWUzVlJ6aVA4TThtWTFJRnVtb1RaWGlGVFNTREkyMmhSY2JzK3g1V3V0bjZzcE1EOEkyem1paEJIeGVQUHhaek5WelU5UnhaMEtETT0YhPSck7QwSAASPgoFb3BlbngSLGV5SnBJam9pVDJSVlNtbFpVRWhTVVVkVGVHaDJTbEZKWlVaU1VUMDlJbjA9GPXynJO0MEgAEhsKDGlkNS1zeW5jLmNvbRiA9JyTtDBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

0f56d3b7e8d1396f235e0c0eea6c4c89039f27af40d9f76c893025ee4cd8ef01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 397
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 928 B
437 B 577ms
577ms XHR
text/plain 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=2175431713156416&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=11&adks=1914102123&sfv=1-0-38&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D8529099445095412%26eid%3D8529099445095412%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1021%26sap%3D1320%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-3-8529099445095412%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D280%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C3430%2C3458%2C3460%2C3683%2C3676%2C15%2C16%2C2339%2C3054%2C3455%2C3456%2C3457%2C3682%2C11%2C12%2C13%2C14%2C20%2C2310%2C2339%2C2526%2C2527%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%2C14%26lb%3D400%26reqt%3D1663266404155&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e%3AT%3D1663266400%3AS%3DALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266405183&lmt=1663266405&dlt=1663266399703&idt=543&adxs=510&adys=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x400&msz=580x400&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YlfGck7QwSABSAghvEhkKCnB1YmNpZC5vcmcYm_Kck7QwSABSAghqEsIBCghydGJob3VzZRKsAWtlMzh4MzZ1TVM2eUx6S1JDc0VhWDdTRk1zZXUveTRvTmhBcVlpcVBHbm9BdG1iNEJUNWNENkRKcGU1NW5QVjY5QVB1K3N0b21LRVl4a1FiZzRZSFhpTW9zWkpRVzlFMWUzVlJ6aVA4TThtWTFJRnVtb1RaWGlGVFNTREkyMmhSY2JzK3g1V3V0bjZzcE1EOEkyem1paEJIeGVQUHhaek5WelU5UnhaMEtETT0YhPSck7QwSAASPgoFb3BlbngSLGV5SnBJam9pVDJSVlNtbFpVRWhTVVVkVGVHaDJTbEZKWlVaU1VUMDlJbjA9GPXynJO0MEgAEhsKDGlkNS1zeW5jLmNvbRiA9JyTtDBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

815652be3eac17416a06a5e802a7857982f744c6ee04b60a1e5f16eba7e05ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sweepstake.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5FC3 6 KB
3 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sweepstake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:26:40 GMT
expires: Fri, 15 Sep 2023 18:26:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
16 B 63ms
60ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzI1NzQ3NDkxMzEzMzYwNCIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJzd2VlcHN0YWtlX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcyNTc0NzQ5MTMxMzM2MDQiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0Ijoic3dlZXBzdGFrZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImVtcHR5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MjU3NDc0OTEzMTMzNjA0IiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidW5pdCI6InN3ZWVwc3Rha2VfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NjMyNjYzOTksInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjA1NSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjA1NSwiYmlkX2Zsb29yX3ByZXYiOjAuMDYsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MjU3NDc0OTEzMTMzNjA0IiwiZG9tYWluX2lkIjoiMzM2MzI3IiwidW5pdCI6InN3ZWVwc3Rha2VfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NjMyNjYzOTksImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDQ4MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzI1NzQ3NDkxMzEzMzYwNCIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJzd2VlcHN0YWtlX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:45 GMT

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
16 B 63ms
60ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzI1NzQ3NDkxMzEzMzYwNCIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJzd2VlcHN0YWtlX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wOS0xNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:44 GMT

POST
H2 204 army.gif
www.sweepstake.com/porpoiseant/ 0
16 B 65ms
64ms Ping
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzI1NzQ3NDkxMzEzMzYwNCIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJzd2VlcHN0YWtlX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhdWN0aW9uX2Vwb2NoIjoxNjYzMjY2NDA1LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjFlNGUwOTAwLThlOGEtNGMwZC01ZTJhLTc5MDc2NjU4NDU2YyIsImJpZF9mbG9vcl9pbml0aWFsIjo3MDAwLCJiaWRfZmxvb3JfcHJldiI6NjAwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTUwMCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODg4LCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.sweepstake.com
x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 823E 0
20 B 130ms
129ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN0siZG4jY4iPIeGaoPMP2eyCwAwAAAAAOAHgBAI&bg=!7u2l7anNAAbG3AOo5tw7ACkAdvg8Wnt6gdkGvNo-hQKYWspuozj4wnRZOOxcVjTm-S70ZlxAZL_RFgIAAACbUgAAAAJoAQcKAA4PYFeA5qeXenpaUWSBfZkDLhFyWOAgEo0ZkiqlwEQ_A9u4TQ1rn7lgYHrxi95ZR2Vf5p5BAdkB4TBorwi3tE59PHc5dRQh2Lgm3KdjiS_UjHKvQSLF3765qVRqD42YK07_11oxUfx9pCZO2m0QpjULvJR7BM5kgVDdWC0VnA9t0qVy9PvB086dRJ4PUyQ9KsojTvvWtL0N7DTIRuDrFIEMXcyiCgtYODI8rLKheSI8wc39fj7NScwApGKLSbuovW0t-i9VKgL-jgwUeQWwuDrjHj8WGWkKaNdwbZNUYzka0l2oIgtvn2-YW5OonDJ5P4ZRKl_eLXCZE75kPKw4pwHYVTkFW43RFFX6cRNK5hv1wlUCWa_1y9xYbb8giNAlEefYha1AMyxYn5w491R5V7r3rcVxCjJmokM0cxnIS-OXoKZvNFiL3cWcDRUUD9YuUaDI_bn_v9AuBi0vGKKN1qVwABpbjaPHJIXJoqSHCbe6G2sTAyaE1Qsaha9k5oSOjwrw-O4X0u1X74BsjoMD1RYuO9w7qMF2OgFFnIcNAljPHGiuDIlboBppKE0yLiA8sni7sIlY_0V37C7K0sfc_a6UBCmUHBk6LdqChqnIlUMo_GfCRAGhRk9h-VGubOClQh53SqyES4PeKh2MbF0TaVyFdNT05a2t_Q6D6du8pvMVZnRe2wHVXHcDf6op79HzVf5sRRRzsPRG9BEt_Z2yXpiWE7bOhUAE9iDHXksXZdy12wkRs7gfInfEm_kXakP28W4O3Xyi3HHcgIYmmmx4ohQRkIRCATH9JTHs4aBIT36rzmwGtYTRjJVFRmT8PjyfPztFubVKWzs6m9Dtr-1R0sW8j-dn4PV3yClRllpcfk3RFRWXEn_tBcYtjcGA4h5qZNpjbglBk6AuxlmLqszXGrcSYL-9e4LY6_sXkrcOIFTPZyez3NMzcZvJJ4-kRKxDfMJrVGA28Pn62bJfIqrrGGsQWW2oA1avZQ7RUpeLeeSX29GZZ3fvP-JBeloOOTRqqiVFVLOKxwL_hCfNaD5EtENBG_KWxK_4YF5uTJDcXYOiCUfxCTG_QkOQg9Uwfj1jI1CAKAad4FZ-uxfBTaXdvwk

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5FC3 4 KB
1 KB 219ms
79ms Stylesheet
text/css 2607:f8b0:4006:808::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 18:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:26:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:26:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E6C4 8 KB
966 B 188ms
81ms Stylesheet
text/css 2607:f8b0:4006:808::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 16:55:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 18:26:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 18:26:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame E6C4 2 KB
904 B 99ms
94ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 16:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 16:11:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame E6C4 23 KB
9 KB 69ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:24:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame E6C4 3 KB
1 KB 97ms
93ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:21:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame E6C4 17 KB
7 KB 74ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 18:23:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6C4 0
0 86ms
82ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlB9pDtppNtokHTswNLujR5QTruqd5bIY7WB5bSZpZ6XvQL0eIcOBAeZCIZI7mCIiVXu_2WohEunhYg0Pp7dLsQwkjaA
Requested by: Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6C4 141 KB
44 KB 260ms
121ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Sep 2022 18:26:45 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame E6C4 33 KB
14 KB 207ms
67ms Script
text/javascript 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:53:01 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 5FC3 19 KB
8 KB 79ms
76ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 00:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12420716543898108158
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 00:18:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5FC3 205 B
520 B 222ms
82ms Image
image/png 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 22:40:56 GMT
x-content-type-options: nosniff
age: 243949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Sep 2023 22:40:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5FC3 604 B
696 B 224ms
84ms Image
image/png 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 00:11:42 GMT
x-content-type-options: nosniff
age: 411303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Sep 2023 00:11:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3897 1 KB
749 B 71ms
65ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 17:45:23 GMT
etag: 48472445140208031
expires: Fri, 16 Sep 2022 17:45:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3897
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAVOlH3TkbFQh5nmD02CScE&google_cver=1&google_push=AZmPxg_4uxDQgtSiz_sZKtNJTcFkmqwKTRDqZqNIPbKJWB8dAO_nsiarNSAO6k9ALMFM65vBOn4v8geIdUx58QDiM050dAdEVrL1O...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODEyMzgyNTEyMzcyMDI4ODUyNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAVOlH3TkbFQh5nmD02CScE&google_cver=1

0
0

GET

1
cr-p1.ladsp.com/cookiesender/ Frame 3897
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9b2919bAZzDzIwqeGNgeiaEwhjB0ACmoK___58sMpBkiawATzShkLiP1843AcQD-YxZxRGBFnswbE1rb8dotRkyWf-TASymTZdVig1qtZZZp9pRXD-qzHDYuHRc51I6VHecaFe6x9JFp...
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9b2919bAZzDzIwqeGNgeiaEwhjB0ACmoK___58sMpBkiawATzShkLiP1843AcQD-YxZxRGBFnswbE1rb8dotRkyWf-TASymTZdVig1qtZZZp9pRXD-qzHDYuHRc51I6VHeca...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3897
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEM6FFITgp-tFp2yQCD3KUWI&google_cver=1&google_push=AZmPxg8N13bTjJ0Uz_58-nXxtBgVLDdCDr0KIUd3jFA42MG3OHztzduPANVN5eWP0Z1i8GbSeN9B4nxrP9KWaq3qfhGyShhFlQ9B35nY...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

170 B
188 B

83ms
80ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUU2RkMwRjNBMzVFNEEzNw==
date: Thu, 15 Sep 2022 18:26:45 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3897
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAU2e2SGdOT2KvgIB2QAfiA&google_cver=1&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZ...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZrE-gtkRJeZT4PZh-UMk21K3-CvoADk7rBy5v3p_1e3ws67...

170 B
188 B

82ms
78ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZrE-gtkRJeZT4PZh-UMk21K3-CvoADk7rBy5v3p_1e3ws67DFvsOfHm1lNtxIs6pacYfTQ&google_hm=bUhMR2otSVpRSGR5MHgydGdmNC0=

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 18:26:45 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_v4b21ZNvoo2qEFvFgpS1tVaT4PvMcgBlVRxz94U0xjEpKnuZ2RSqBQlz10-_3N2laUq_vT3rOUyuLZrE-gtkRJeZT4PZh-UMk21K3-CvoADk7rBy5v3p_1e3ws67DFvsOfHm1lNtxIs6pacYfTQ&google_hm=bUhMR2otSVpRSGR5MHgydGdmNC0=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 290
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3897
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSS...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSSXARAfRwixGZW-jaiaMJywA7XMxxYmFn5xt5S50xiQxeaK4RYVz...

170 B
188 B

81ms
80ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSSXARAfRwixGZW-jaiaMJywA7XMxxYmFn5xt5S50xiQxeaK4RYVz0xn-fmSY1j4mhYvZjDJDbw&google_hm=bad80289-3d0d-4ad8-b1a5-8e59fc65e75f

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 18:26:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-159
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_JLdQ9zusT2mxa0Ld330RfD1vTntKiak_pbdVIjHzPwd2FdLATUtU5J6OgSBGinFFHAbGtR4ZlSSXARAfRwixGZW-jaiaMJywA7XMxxYmFn5xt5S50xiQxeaK4RYVz0xn-fmSY1j4mhYvZjDJDbw&google_hm=bad80289-3d0d-4ad8-b1a5-8e59fc65e75f
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3897
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEF9q_-ml_nEah01NbzrKAMI&google_cver=1&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-v...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-vlm-0ieOuDLZcC_Gk7o2m_cml4GFikg_l...

170 B
188 B

80ms
79ms

Image
image/png

142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-vlm-0ieOuDLZcC_Gk7o2m_cml4GFikg_lg6b0gbcdtFi0iIck2XYLOiQ&google_hm=Z2ZlMzZiMTViYWJlZjY0MzVmYmM=

Protocol

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9SROMkbhca0p2W_nOcpENE-pS2cMvFO2MXWIMh1OkKR-XhXAZiNAyCPdHzw0u8YqGEpSZIf9vvSLb1CkSYbXr-p4fwP-vlm-0ieOuDLZcC_Gk7o2m_cml4GFikg_lg6b0gbcdtFi0iIck2XYLOiQ&google_hm=Z2ZlMzZiMTViYWJlZjY0MzVmYmM=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 3897
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYVblTR0TFa-uzIJOjeV0c&google_cver=1&google_push=AZmPxg8f8Y-YHPBVmxN80kQPlYkFQR5Kk775Kenoh-lj6Y_ivQdWECt55RcEDd4ZlXjUg7oGmoKA_ZCizpe...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8f8Y-YHPBVmxN80kQPlYkFQR5Kk775Kenoh-lj6Y_ivQdWECt55RcEDd4ZlXjUg7oGmoKA_ZCizpeD_YXMkvF7n5reckgYUQi9deW0eohO3lLKd1Ij...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

73ms
73ms

Image
text/plain

51.222.39.185

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.222.39.185 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3897 0
12 B 80ms
78ms Image
text/html 142.250.65.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjMs3N8V0k5jQ2XWdwZYKsHwzgAx3MtFDdJD01PFqFNeuzYvpvnBu-LBL_uVSlOnN4RUK9Jw

Requested by

Host: 777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
URL: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:26:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
39 B 63ms
59ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIxOTI4OTU3MzE2Mjc1OSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg1MjkwOTk0NDUwOTU0MTIiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0IjoiZGl2LWdwdC1hZC1zd2VlcHN0YWtlX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjEwMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI4MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjY3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:46 GMT

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
16 B 65ms
60ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIxOTI4OTU3MzE2Mjc1OSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE0MiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg1MjkwOTk0NDUwOTU0MTIiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0IjoiZGl2LWdwdC1hZC1zd2VlcHN0YWtlX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjEwMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNTEwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMjIyIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B5B7 43 B
215 B 117ms
115ms Image
image/gif 2600:1f13:800:7780:8036:fe64:f036:acd6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1042606&asId=bd3cfb09-261a-2e84-b7df-a04bfbf18731&tv=%7Bc:ojdHZ8,pingTime:-10,time:658,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663266405697%7C%7C4d89bf1feb89f1b2395fc6451b38e6e3%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C87fb981f23099bd19d7900fa5b865e5d%7C%7Cc9ac199b54d4774ca44d1e8ae1c702e3%7C%7C88f7b98820658441eae3cb98dd3ba415%7C%7C21ff826263658b7a37ab5aac4b051214%7C%7Cd16f446118aa71ad879e09fa8a5adc37%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8036:fe64:f036:acd6 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 18:26:45 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame DBEF 36 KB
16 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: www.sweepstake.com
URL: https://www.sweepstake.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:21:22 GMT

GET
H2 204 army.gif Show response
www.sweepstake.com/porpoiseant/ 0
39 B 62ms
61ms XHR
text/plain 35.175.60.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sweepstake.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYzMTU3OTY0MTExNjU4MSIsImRvbWFpbl9pZCI6IjMzNjMyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLXN3ZWVwc3Rha2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYzMjY2Mzk5LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIxZTRlMDkwMC04ZThhLTRjMGQtNWUyYS03OTA3NjY1ODQ1NmMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MzE1Nzk2NDExMTY1ODEiLCJkb21haW5faWQiOiIzMzYzMjciLCJ1bml0IjoiZGl2LWdwdC1hZC1zd2VlcHN0YWtlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MzI2NjM5OSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiMWU0ZTA5MDAtOGU4YS00YzBkLTVlMmEtNzkwNzY2NTg0NTZjIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxOTMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.sweepstake.com
URL: https://www.sweepstake.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1fx21x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.175.60.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-60-16.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Thu, 15 Sep 2022 18:26:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
server: nginx
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 18:26:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 88ms
87ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sweepstake.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sweepstake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F399%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Df4a97b0c-26e8-4f62-bf60-3d819e05a3d1%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26uid%3D212946CC-46F9-4282-BCD0-EFB521A17AC9

Domain: r.turn.com
URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAVOlH3TkbFQh5nmD02CScE&google_cver=1

Domain: cr-p1.ladsp.com
URL: https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9b2919bAZzDzIwqeGNgeiaEwhjB0ACmoK___58sMpBkiawATzShkLiP1843AcQD-YxZxRGBFnswbE1rb8dotRkyWf-TASymTZdVig1qtZZZp9pRXD-qzHDYuHRc51I6VHecaFe6x9JFpv_nNNPHvY&google_gid=CAESEC6Ma6wkmIet-AOi0jdQCJA&google_cver=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=1873715182565517&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=12&adks=407620194&sfv=1-0-38&ris=1&rcs=3&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D1219289573162759%26eid%3D1219289573162759%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsweepstake_com-box-2-1219289573162759%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D260%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3430%2C3458%2C3460%2C3683%2C3676%2C14%2C15%2C16%2C2310%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C10%2C11%2C12%2C13%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3054%2C3154%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%26lb%3D280%26reqt%3D1663266405766&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e%3AT%3D1663266400%3AS%3DALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266405773&lmt=1663266405&dlt=1663266399703&idt=543&adxs=315&adys=142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x90&msz=970x90&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YlfGck7QwSABSAghvEhkKCnB1YmNpZC5vcmcYm_Kck7QwSABSAghqEsIBCghydGJob3VzZRKsAWtlMzh4MzZ1TVM2eUx6S1JDc0VhWDdTRk1zZXUveTRvTmhBcVlpcVBHbm9BdG1iNEJUNWNENkRKcGU1NW5QVjY5QVB1K3N0b21LRVl4a1FiZzRZSFhpTW9zWkpRVzlFMWUzVlJ6aVA4TThtWTFJRnVtb1RaWGlGVFNTREkyMmhSY2JzK3g1V3V0bjZzcE1EOEkyem1paEJIeGVQUHhaek5WelU5UnhaMEtETT0YhPSck7QwSAASPgoFb3BlbngSLGV5SnBJam9pVDJSVlNtbFpVRWhTVVVkVGVHaDJTbEZKWlVaU1VUMDlJbjA9GPXynJO0MEgAEhsKDGlkNS1zeW5jLmNvbRiA9JyTtDBIAFICCGo.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637597873105962&correlator=914100833360867&eid=31068500%2C31068929%2C31068529%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A10705829087%2Csweepstake_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=13&adks=1914102123&sfv=1-0-38&ris=1&rcs=3&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D8529099445095412%26eid%3D8529099445095412%26t%3D134%26d%3D336327%26t1%3D134%26pvc%3D0%26ap%3D1021%26sap%3D1320%26as%3Drevenue%26plat%3D1%26bra%3Dmod67-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dsweepstake_com-medrectangle-3-8529099445095412%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10061%2C10063%26asau%3D2038571177%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D260%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C67%2C0%2C168%2C168%2C168%2C157%2C201%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C3430%2C3458%2C3460%2C3683%2C3676%2C15%2C16%2C2339%2C3054%2C3455%2C3456%2C3457%2C3682%2C11%2C12%2C13%2C14%2C20%2C2310%2C2339%2C2526%2C2527%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%2C14%2C20%2C2310%2C2339%2C2526%2C2527%2C2764%2C2765%2C3054%2C3154%2C3455%2C3456%2C3457%2C3682%2C3684%2C9%2C10%2C11%2C12%2C13%2C14%26lb%3D280%26reqt%3D1663266405782&eri=1&sc=1&cookie=ID%3D857a339d9b7e2a5e%3AT%3D1663266400%3AS%3DALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og&gpic=UID%3D00000575aacc0478%3AT%3D1663266400%3ART%3D1663266400%3AS%3DALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ&abxe=1&dt=1663266405787&lmt=1663266405&dlt=1663266399703&idt=543&adxs=510&adys=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sweepstake.com%2F&frm=20&vis=1&psz=1170x400&msz=580x400&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2102761771.1663266400&ga_sid=1663266400&ga_hid=464245169&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YlfGck7QwSABSAghvEhkKCnB1YmNpZC5vcmcYm_Kck7QwSABSAghqEsIBCghydGJob3VzZRKsAWtlMzh4MzZ1TVM2eUx6S1JDc0VhWDdTRk1zZXUveTRvTmhBcVlpcVBHbm9BdG1iNEJUNWNENkRKcGU1NW5QVjY5QVB1K3N0b21LRVl4a1FiZzRZSFhpTW9zWkpRVzlFMWUzVlJ6aVA4TThtWTFJRnVtb1RaWGlGVFNTREkyMmhSY2JzK3g1V3V0bjZzcE1EOEkyem1paEJIeGVQUHhaek5WelU5UnhaMEtETT0YhPSck7QwSAASPgoFb3BlbngSLGV5SnBJam9pVDJSVlNtbFpVRWhTVVVkVGVHaDJTbEZKWlVaU1VUMDlJbjA9GPXynJO0MEgAEhsKDGlkNS1zeW5jLmNvbRiA9JyTtDBIAFICCGo.

Verdicts & Comments Add Verdict or Comment

317 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sweepstake.com/	1970-01-20 06:01:08	Name: ezoadgid_336327 Value: -2
.sweepstake.com/	1970-01-20 06:01:13	Name: ezoref_336327 Value:
.sweepstake.com/	1970-01-20 14:46:42	Name: ezosuibasgeneris-1 Value: 176c38df-6613-46b1-4490-ddef04e45dd2
.sweepstake.com/	1970-01-20 06:01:13	Name: ezoab_336327 Value: mod67-c
.sweepstake.com/	1970-01-20 06:03:59	Name: active_template::336327 Value: pub_site.1663266399
.sweepstake.com/	1970-01-20 06:01:08	Name: ezopvc_336327 Value: 1
.sweepstake.com/	1970-01-20 06:02:32	Name: ezepvv Value: 0
.sweepstake.com/	1970-01-20 06:01:08	Name: ezovid_336327 Value: 1806130692
.sweepstake.com/	1970-01-20 06:01:08	Name: lp_336327 Value: https://www.sweepstake.com/
.sweepstake.com/	1970-01-20 06:03:59	Name: ezovuuidtime_336327 Value: 1663266399
.sweepstake.com/	1970-01-20 06:01:08	Name: ezovuuid_336327 Value: 0dc2738d-0e22-44c1-6604-d9d7f8d7187a
www.sweepstake.com/	1970-01-20 15:37:06	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.sweepstake.com/	1970-01-20 15:37:06	Name: ezohw Value: w%3D1600%2Ch%3D1200
.sweepstake.com/	1970-01-20 15:37:06	Name: _ga Value: GA1.2.2102761771.1663266400
.sweepstake.com/	1970-01-20 06:02:32	Name: _gid Value: GA1.2.1042558276.1663266400
.sweepstake.com/	1970-01-20 06:01:06	Name: _gat Value: 1
www.sweepstake.com/	1970-01-20 15:25:35	Name: qcSxc Value: 1663266400385
.quantserve.com/	1970-01-20 15:31:20	Name: mc Value: 63236e60-66cb6-02fe8-22fce
.sweepstake.com/	1970-01-20 15:25:35	Name: __qca Value: P0-1747333000-1663266400381
www.sweepstake.com/	1970-01-20 14:46:42	Name: ezux_lpl_336327 Value: 1663266400622\|1e4e0900-8e8a-4c0d-5e2a-79076658456c\|false
.sweepstake.com/	1970-01-20 15:22:42	Name: __gpi Value: UID=00000575aacc0478:T=1663266400:RT=1663266400:S=ALNI_MYup5V-2moTy8eIlXezCvH-Mju1VQ
.sweepstake.com/	1970-01-20 15:22:42	Name: __gads Value: ID=857a339d9b7e2a5e:T=1663266400:S=ALNI_MZ1K4AXMg9V4M3sPUIW2TPDPzK8Og
www.sweepstake.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 280
www.sweepstake.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
www.sweepstake.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 280
.doubleclick.net/	1970-01-20 15:37:06	Name: IDE Value: AHWqTUlWYaY5Hcwnmu0_WV2E0DYvb-QMWv_4uAucvEY3UQL-GdMi-YUNBBEMW4tdHUo
.sweepstake.com/	1970-01-20 06:01:06	Name: lotame_domain_check Value: sweepstake.com
.openx.net/	1970-01-20 14:46:42	Name: i Value: 39d50989-83c7-4501-92c6-1bc940878545\|1663266404
.criteo.com/	1970-01-20 15:22:42	Name: uid Value: 0530e05a-dc37-4813-af82-d87de381f909
www.sweepstake.com/	1970-01-20 06:44:18	Name: _pbjs_userid_consent_data Value: 3524755945110770
.casalemedia.com/	1970-01-20 14:46:42	Name: CMID Value: YyNuZJvWFqZ2R70ojLL7BwAA
.casalemedia.com/	1970-01-20 08:10:42	Name: CMPS Value: 380
.casalemedia.com/	1970-01-20 08:10:42	Name: CMPRO Value: 380

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.sweepstake.com/(Line 694) Message: Failed to decode downloaded font: data:application/font-woff2,
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

777d0c8c4d69db5316150a8a67cf7dfb.safeframe.googlesyndication.com
ads.yieldmo.com
adservice.google.com
aep.mxptint.net
b1sync.zemanta.com
basher.ezodn.com
bid.contextweb.com
btlr.sharethrough.com
c2shb.ssp.yahoo.com
cdn.id5-sync.com
cm.g.doubleclick.net
cms.quantserve.com
cr-p1.ladsp.com
cs.emxdgt.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
fksnk.com
fonts.googleapis.com
fw.adsafeprotected.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image4.pubmatic.com
invstatic101.creativecdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prod.uidapi.com
pxl.qccerttest.com
r.turn.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sweepstake.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
wh.ip-adress.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.sweepstake.com
cr-p1.ladsp.com
image4.pubmatic.com
r.turn.com
securepubads.g.doubleclick.net
104.18.18.126
104.36.115.111
108.138.128.28
142.250.65.194
142.250.65.226
15.197.193.217
151.101.2.49
162.19.138.118
172.217.165.130
18.189.125.221
198.148.27.134
199.127.204.142
209.126.124.88
2600:1f13:800:7780:8036:fe64:f036:acd6
2600:1f18:1aca:4282:4cee:aa83:8a18:ee3
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d
2600:9000:21dd:6c00:8:48e:53c0:93a1
2600:9000:21dd:e200:11:615:7240:93a1
2600:9000:21dd:ec00:6:44e3:f8c0:93a1
2606:4700:10::6816:3456
2606:4700:3031::ac43:bb22
2606:4700:3035::6815:48a9
2606:ae80:1450:16::2040
2607:f8b0:4004:c06::9a
2607:f8b0:4006:808::2006
2607:f8b0:4006:808::200a
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:823::200e
2620:100:a001::4
2620:100:a001::c
2620:116:800b:21:1456:d0e1:7db4:a56b
34.102.146.192
34.120.135.53
34.209.30.241
34.96.70.87
35.175.60.16
35.190.39.111
35.244.159.8
38.67.14.224
44.209.207.157
51.222.39.185
52.1.231.196
52.2.211.96
52.4.33.45
54.159.78.82
54.204.127.33
64.202.112.63
68.67.179.87
69.166.1.12
74.119.119.139
95.217.104.34
06185a715e63f15a760b26dcd886732546628582456551e2bf20331de8221619
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
09de5a449f485d76db4f6f5a5c416a7d1ece066b75e0ff846ff6268d06c20bd9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f56d3b7e8d1396f235e0c0eea6c4c89039f27af40d9f76c893025ee4cd8ef01
11342cf2d67d932087963a635144a53bfbb8e106eb2d8eae8ec1d8eef56ee793
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1302c371fac86ede2417616fc401e0a97ffa7b91d39a4d8890ab990e662fb770
162082dad6efe05e8e32cccdaef4084c6ffb120d4bdbc49bb25a21189a1d091b
18b894a19490530dd59a66473c6331fb71bb224fb494d6e2e78423546bac1dd2
1b464b966f2d6d73707c389a7d6f5688d9be181b755fcd173ce77ac8703ac573
1b59be9cdbe2f257e4e0e63d9e62e4f4c9b85f35107e26b87b283466daffa235
20347bc1628168110b9f0a20feb40784d54722fe12782cc14b8256e5680be0ac
20f7e2d3055aaa43a8475467f9d70a9e432328a06c3d6347345426aabcb741e6
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
26d23334081a13bc243633884a4cea142392a43fb36c253376ad40b8980f695a
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b972296698fe0e87dec1c9c59bfef10f53259fb019665bf1d5bb392c2319e9d
2e2ab403ce0a5c3511c205a6fec337f8ec56812414e34bac95fe0b5f95d311b0
2fcc0e4b73a6ee76961c7dd2a779a94f507f44cd00a070153087550dbe03650e
30066eb89e4346049eee402796f77632f26e40eb79637fd36f5ddf5dd0b6a639
308d01e12679c189b14c3fbdc247e6616328876b7d94f870f12636034fce85d4
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
3572c5966d84f904eedb007c1b495c6e049fa6fc09dadc038147dbc79be38869
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
42f45f5f02529253b737bd85ca20df5d3c3c6f9b9f663788c5997e2169fca92f
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8d059afae13b975d3ed10313ca9765237480fd0e964862b8f02bd56a58af7b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5179ccc7d97ce359e09ca8c16391c4aa25995fe6e582803c8acbb3a3f1808485
523fa52031decb1568842a3ad41322003ec19b496ad850b19f45123c798336ff
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5493aea9dfbfc47ce2b8cecc5f827ccd191abb335e109286f893e9f2a30ac9d7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563782063f6a3aae694c017b31fd4cd2aa823e0203517cd66f2c1f9d0ab1d9e4
58a964a5882a9261bcbbf0d189f3f8357befc2c9c5a3dd3d90a7bbf97d06a5a8
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd51333c2943efd4bb78d6dd5d374df2b79fdb6282c47083651afea48265d0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620031f07d8deb5fdad2a48408cf283b0efdaa5bc0c6fe232ec48ab852255974
6238d0bcbbdf7b5c5b31d4b09dde4658bcc8c6e8a26bb6ff25d578e97ea63095
632891d966ce3fa516a9678479cd3a8920562a037a85d0ceb9b91c6703c83e90
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67b95f39b615fffd291ff5f77103dc3171e7c845351a76b89588399e06869401
6b04328351e6f710d4b28f0ae2fc5533397138b86fbd3fce7a1be4c267100376
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f257ac53524852020ca9a5012dfcf38b793a950b8cc210adb85d0df91e155cc
73d8828126ae3435ffef589ef431c970da716ddfd04f6fc3bcdbbf0d1f54b4f0
7464f1d4187b92f844e6d0ceb8e3b276951d93768eb3e900d8c01ca17ac317d8
782e26f81e86b30ec4fe69bc4341cd6817ca4966e936769b64057dde69505cc7
80b170aecdaa359a77ca306e13ac66fe0a5f06b344fc9c5b5d7dc480728cb15b
815652be3eac17416a06a5e802a7857982f744c6ee04b60a1e5f16eba7e05ff7
84523a234ea14b95236b518c8ed1a0baf9550ab3557e0210c176837e700af542
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d9da4a13e73d9f963ec8345d4d246875708f363784d1656dfb365597acc6d3f
96eeb7b3bfd663979ec03eded7bf0e1685b35e538bf01e8aceaad2434a7409a1
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99878ce4720eeb0689cefe9827989fd2bcdb6b73a6c0219a6eff89c120df9948
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0a5c6773dd49f99e95dafa902f22cf0e6ffe2537a2c7648235c7c519bd7540
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d2dbcc5522f66a3e7dfb278e6bf6fbdbf761bb15dc54a5d559a644bb5e2b514
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5129a47917f4f4ba7de143e4daa8ee37bba99ee3b886f998f198aecb8c07ff1
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad17f917a0c9a881781b1855c747877e25e3419989e4cbe624dd9f3abac23dde
adbd898659041a06390aec3d886c7669946739187af1dc74ddcc2963a1c8252a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37c8261a67d8e8220d5c7133b8eefacd9fb1999898e2f1739e77eb55c40497d
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b56bf844d9d6b61523bb6297c4838a8cc6857ffb32a9180d6787c0cd5681ed92
b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb9f9582d696929ff38ac12ab9123a291e2baa8f82b62bf61c9225b708b4aa44
cefa23d7fbbab0c9df178dd099405d8822bd69045b8ffa4400a563d4926b627a
d387908b8496cf3b7e00d962f090fcf7345b7a0a0a94c4c48fa71c023ad39c7e
d4ce63ce40a71e3a4074e3fb3a33deecef0ee49769b527848b0822f7f035103c
d5c6597c067a6e619f9ba5e6b9a085fb0ede59196d2900ca304d752728bf4cd3
d674aab606f7c6008645854a9dcad2637e3d3a0af1c259badcbfa91f746dc8be
d7f83c29bb0061d6c4725f31b1e0875470cbcd8afa34748e6416c06adeceef55
db3dd2a7772d3f3d476d5e09e025c8abd116affa09f9fff310e58733503651b4
dc3071836af1a842787e14996ae5654f4d36e2b8adf2a695ddde7d8caabd1b44
dc7fefd4d56b1c512aa392edbe1978fabe1c216c902c53678649767ded813644
dc920e7cfdc23cfd3f92057ab7a80eb9dafe8d22d951045b58d12937511a5984
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def0d8346ec2059f738529ed16024982b3c285cf97891325c72dda4afb6956c5
df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e
e256262d08e5cfdc75805c941beae5bd4920000f3bfa640d53048208b88da425
e2bd5ebe077d0c4c231c119bc1f959a7510aba9334719908f1985d1bce902b9a
e3925d05458b5a9717f4a329c38b34213d3ef0d3275e3262543e828ad29814bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
e46ca91df4905600874c945e5098e57400893b66410ecddf73b9c153a887c141
e5989f59c2a6d13449af8a23bfb56a7609c1c127e65687ff46e5c4d474e7d9a1
ecf66798705d3e1f9b94061c1e3415f3d5984162a10425a1eed388dc12f75b6e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06f8e5aba2ef491c43a8ffab171d9db67617134095ce3ff2890cc3e500437dc
f283028423d5f5bf20850782e25596820f80f184cbe62eb9b27db3e4fc0f885e
f28c9c3b9273c15b5980d361385e2a46ae45b52e34741a904b217f8ce31e2b23
f438ae2e9387171848edb4d5ba886cb9425656fa401b3489e4642c21ada675b9
f4ed6ab66a9f1fc0cf135ea3cdad365c16252b225936673b8302ed793bbc8590
f668055871b22aaa7f4e56da5ba56de46b4e657eab3ffcebf4298d23465a9ee1
f73e90959cb244773f2c1c0f8a51f95c91719f4cc46a9a86b499a2c761ae2188
feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8
ffaec87b853633a62ed1952e71f254d41774de9c75d17283a80cd26add436447

www.sweepstake.com Open in urlscan Pro 35.175.60.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

86 %HTTPS

41 %IPv6

46 Domains

65 Subdomains

48 IPs

3 Countries

1870 kBTransfer

3703 kBSize

33 Cookies

43 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sweepstake.com Open in urlscan Pro
35.175.60.16 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

86 %
HTTPS

41 %
IPv6

46
Domains

65
Subdomains

48
IPs

3
Countries

1870 kB
Transfer

3703 kB
Size

33
Cookies

175 HTTP transactions
15 data transactions