win.omgsweeps.info Open in urlscan Pro
3.225.160.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://win.omgsweeps.info/
Effective URL:
https://win.omgsweeps.info/api/offer
Submission: On January 28 via manual (January 28th 2022, 11:03:46 am UTC) from IN — Scanned from DE

Summary HTTP 61 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 61 HTTP transactions. The main IP is 3.225.160.67, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is win.omgsweeps.info. The Cisco Umbrella rank of the primary domain is 224459.
TLS certificate: Issued by Amazon on October 8th 2021. Valid for: a year.

This is the only time win.omgsweeps.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	3.225.160.67 3.225.160.67	14618 (AMAZON-AES) (AMAZON-AES)
21	2600:9000:215... 2600:9000:2156:3800:16:a31f:4840:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	52.49.160.208 52.49.160.208	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	52.72.180.169 52.72.180.169	14618 (AMAZON-AES) (AMAZON-AES)
2	52.207.0.73 52.207.0.73	14618 (AMAZON-AES) (AMAZON-AES)
61	15

5 3.225.160.67 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-160-67.compute-1.amazonaws.com

win.omgsweeps.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2156:3800:16:a31f:4840:21 (United States)

ASN16509 (AMAZON-02, US)

d3v7hbq4afry8x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.160.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-160-208.eu-west-1.compute.amazonaws.com

live.r3engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.80 (United States)

ASN16509 (AMAZON-02, US)

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.180.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-180-169.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.0.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-0-73.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cloudfront.net d3v7hbq4afry8x.cloudfront.net
14	gstatic.com www.gstatic.com fonts.gstatic.com	548 KB
7	google.com www.google.com — Cisco Umbrella Rank: 13	84 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 3757 trc.pushnami.com — Cisco Umbrella Rank: 3884 psp.pushnami.com — Cisco Umbrella Rank: 16382	63 KB
5	omgsweeps.info 3 redirects win.omgsweeps.info — Cisco Umbrella Rank: 224459	19 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	444 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	56 KB
1	r3engage.com live.r3engage.com — Cisco Umbrella Rank: 127285	2 KB
61	12

	Domain	Requested by
21	d3v7hbq4afry8x.cloudfront.net	win.omgsweeps.info
9	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	win.omgsweeps.info www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
5	win.omgsweeps.info	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com win.omgsweeps.info
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	www.google-analytics.com	win.omgsweeps.info www.google-analytics.com
2	api.pushnami.com	win.omgsweeps.info api.pushnami.com
2	fonts.googleapis.com	win.omgsweeps.info
1	www.google.de	win.omgsweeps.info
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	win.omgsweeps.info
1	live.r3engage.com	win.omgsweeps.info
61	15

This site contains links to these domains. Also see Links.

Domain
bestdayeversweeps.com
whatif-assets-cdn.s3.amazonaws.com
www.bestdayeversweeps.com

Subject Issuer	Validity	Valid
theclassactionsguide.com Amazon	`2021-10-08` - `2022-11-06`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.r3engage.com Go Daddy Secure Certificate Authority - G2	`2021-12-30` - `2023-01-27`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://win.omgsweeps.info/api/offer
Frame ID: 299553BBD13A8AC5967A304203C710F0
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4ub21nc3dlZXBzLmluZm86NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=xwm5dbpfh1gv
Frame ID: BAE85CB90C9AF1BB71187FC85C6785FA
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Frame ID: 52B0B30A02C1A5583603F231ABDE61D0
Requests: 11 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: F0A0DCA34CA3902F40032350377C3E7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Day Ever Sweeps

Page URL History Show full URLs

http://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/api/user?site_id=43 Page URL
https://win.omgsweeps.info/api/user?site_id=43 HTTP 302
https://win.omgsweeps.info/api/offer Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

61
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

805 kB
Transfer

1887 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_Terms.aspx
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_Privacy.aspx
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_Rules.aspx
Title: Official Contest Rules

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_rules.aspx
Title: Official Contest Rules

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_PrivacyNotice.aspx
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_HowItWorks.aspx
Title: How It Works

Search URL Search Domain Scan URL

URL: https://bestdayeversweeps.com/hosting/staticpages/BDES_AccessibilityNotice.aspx
Title: Accessibility Notice

Search URL Search Domain Scan URL

URL: https://whatif-assets-cdn.s3.amazonaws.com/static/c4rmedia/donotsell/index.html
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: http://www.bestdayeversweeps.com/unsub.aspx
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/api/user?site_id=43 Page URL
https://win.omgsweeps.info/api/user?site_id=43 HTTP 302
https://win.omgsweeps.info/api/offer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/ HTTP 302
https://win.omgsweeps.info/api/user?site_id=43

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

user Show response
win.omgsweeps.info/api/
Redirect Chain

http://win.omgsweeps.info/
https://win.omgsweeps.info/
https://win.omgsweeps.info/api/user?site_id=43

391 B
789 B

182ms
182ms

Document
text/html

3.225.160.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://win.omgsweeps.info/api/user?site_id=43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.160.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-160-67.compute-1.amazonaws.com
Software: /
Resource Hash: 8a75e9142333ae18ccf5b69eb2b63c7d5c575436e9c1b20d5b0462af2d4d1312

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 28 Jan 2022 11:03:40 GMT
content-type: text/html
content-length: 391

Redirect headers

date: Fri, 28 Jan 2022 11:03:40 GMT
content-length: 0
location: https://win.omgsweeps.info/api/user?site_id=43

GET
H2

200

Primary Request offer Show response
win.omgsweeps.info/api/
Redirect Chain

https://win.omgsweeps.info/api/user?site_id=43
https://win.omgsweeps.info/api/offer

16 KB
17 KB

273ms
273ms

Document
text/html

3.225.160.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.160.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-160-67.compute-1.amazonaws.com
Software: /
Resource Hash: 52b578ba3e0ae9c2df664df71e59eff10ff3f6bba38c669b29ff0db880ddf374

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://win.omgsweeps.info
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/api/user?site_id=43

Response headers

date: Fri, 28 Jan 2022 11:03:41 GMT
content-type: text/html
content-length: 16816

Redirect headers

date: Fri, 28 Jan 2022 11:03:40 GMT
content-length: 0
location: https://win.omgsweeps.info/api/offer

GET
H2 403 bootstrap0318.min.css
d3v7hbq4afry8x.cloudfront.net/css/ 0
0 141ms
31ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/bootstrap0318.min.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 111ms
37ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5792b2c695cea6551eb1d9b84a4ce1db45084a53d5f663311883e81d1fc1a556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 09:37:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 11:03:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 11:03:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
778 B 112ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,700,800

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb70c595f8c55628c0c796234268f869df625e5c21fbd02faeca47e0c26be25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:03:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 11:03:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 11:03:41 GMT

GET
H2 403 animate.css
d3v7hbq4afry8x.cloudfront.net/css/omgsweeps/ 0
0 141ms
32ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/omgsweeps/animate.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 BDE-uniquelandingpage-0514-v2.css
d3v7hbq4afry8x.cloudfront.net/css/bde/ 0
0 141ms
32ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/bde/BDE-uniquelandingpage-0514-v2.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 base.css
d3v7hbq4afry8x.cloudfront.net/css/ 0
0 142ms
33ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/base.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 jqueryv1.10.2.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 142ms
33ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/jqueryv1.10.2.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 113ms
38ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 11:03:41 GMT

GET
H2 200 1294 Show response
live.r3engage.com/ 1 KB
2 KB 194ms
49ms Script
text/javascript 52.49.160.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/1294
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.160.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-160-208.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash: 2d1b4ad51a6d322b7b06445327083e3510de0945eece6f43188266e4d7ebe562

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:41 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.2.26
content-type: text/javascript;charset=UTF-8

GET
H2 403 grand_prize.gif
d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/ 0
0 34ms
33ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/grand_prize.gif
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 BDEsweepslogofinalnewnew.png
d3v7hbq4afry8x.cloudfront.net/images/bde/ 0
0 53ms
52ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/BDEsweepslogofinalnewnew.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 house.png
d3v7hbq4afry8x.cloudfront.net/images/bde/ 0
0 54ms
53ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/house.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 car.png
d3v7hbq4afry8x.cloudfront.net/images/bde/ 0
0 55ms
53ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/car.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 vacation.png
d3v7hbq4afry8x.cloudfront.net/images/bde/ 0
0 55ms
54ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/vacation.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 sca-logo.png
d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/ 0
0 55ms
54ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/sca-logo.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 Citibank-logo.png
d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/ 0
0 56ms
55ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/Citibank-logo.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 FedEx-logo.png
d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/ 0
0 56ms
54ms Image
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/FedEx-logo.png
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 bootstrap.min.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 140ms
33ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/bootstrap.min.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 validator.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 34ms
32ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/validator.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 5a95d1da723f3467fc8b7c39 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 248 KB
61 KB 605ms
494ms Script
application/javascript 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5a95d1da723f3467fc8b7c39
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3949f8a2b649ad1421629f87f07eeeb415f65f61a6195bf4a50f16605fa482c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: APMs90--Cbm1CaNlcn9_hPqUSvKNO4YHJIn6r4dZyZzjOQ2rCaNC0w==

GET
H2 403 elastic-apm-rum.umd.min.js
d3v7hbq4afry8x.cloudfront.net/js/ 0
0 56ms
55ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
56 KB 134ms
60ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBVPCH4

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

139b34ee12bf8ed58e2c655f08e325665aaa280459280f6b6fc9ce99e60e8147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57094
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 11:03:41 GMT

GET
H2 403 BDE-uniquelandingpage-0514-v2.css
d3v7hbq4afry8x.cloudfront.net/css/bde/ 0
0 32ms
31ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/bde/BDE-uniquelandingpage-0514-v2.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 base.css
d3v7hbq4afry8x.cloudfront.net/css/ 0
0 21ms
21ms Stylesheet
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/css/base.css
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 82ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBVPCH4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:41 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71C65520B7544028B2FB76690638B5D4 Ref B: FRAEDGE1212 Ref C: 2022-01-28T11:03:41Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 403 jqueryv1.10.2.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 22ms
21ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/jqueryv1.10.2.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ 355 KB
141 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.omgsweeps.info/
Origin: https://win.omgsweeps.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 10:14:48 GMT

GET
H2 403 bootstrap.min.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 9ms
8ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/bootstrap.min.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 403 validator.js
d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/ 0
0 8ms
7ms Script
text/html 2600:9000:2156:3800:16:a31f:4840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/validator.js
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5328
date: Fri, 28 Jan 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 11:34:54 GMT

GET
H2 204 5626509.js Show response
bat.bing.com/p/action/ 0
92 B 356ms
356ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5626509.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Jan 2022 11:03:41 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C6BB815303744F691F8580ECA23BD98 Ref B: FRAEDGE1212 Ref C: 2022-01-28T11:03:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5626509&tm=gtm002&Ver=2&mid=575f182a-214e-45a6-a232-0b1743242294&sid=f42c68b0802911ecb2b499723d06fe3a&vid=f42cb730802911ec90e5ef46713d82ba&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Best%20Day%20Ever%20Sweeps&p=https%3A%2F%2Fwin.omgsweeps.info%2Fapi%2Foffer&r=https%3A%2F%2Fwin.omgsweeps.info%2Fapi%2Fuser%3Fsite_id%3D43&lt=1343&evt=pageLoad&msclkid=N&sv=1&rn=291727
Requested by: Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 11:03:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60D25AC0CB64483EB8C2E194DDE7BB08 Ref B: FRAEDGE1212 Ref C: 2022-01-28T11:03:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=892008103&t=pageview&_s=1&dl=https%3A%2F%2Fwin.omgsweeps.info%2Fapi%2Foffer&ul=en-us&de=windows-1252&dt=Best%20Day%20Ever%20Sweeps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=MetaLanding&cs=&cm=NA&ck=NA&cc=NA&_u=YEBAAEABAAAAAC~&jid=842799937&gjid=1794381275&cid=1336554718.1643367822&tid=UA-104092376-1&_gid=692890811.1643367822&_r=1&_slc=1&cd2=646764&cd1=4ef98a50ab050d7a52d61cb908c0c76a&z=2111071066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.omgsweeps.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 11:03:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win.omgsweeps.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BAE8 41 KB
21 KB 48ms
30ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4ub21nc3dlZXBzLmluZm86NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=xwm5dbpfh1gv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3bad24966340371384bd301d22fc5c70b91f04c2c873a39a069865cf4a742f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eobVCxwh3F4Jsi6OVmhsLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jan 2022 11:03:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-eobVCxwh3F4Jsi6OVmhsLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21394
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104092376-1&cid=1336554718.1643367822&jid=842799937&gjid=1794381275&_gid=692890811.1643367822&_u=YEBAAEAAAAAAAC~&z=1048608716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.omgsweeps.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 Jan 2022 11:03:42 GMT
content-type: text/plain
access-control-allow-origin: https://win.omgsweeps.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame BAE8 51 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4ub21nc3dlZXBzLmluZm86NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=xwm5dbpfh1gv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 17:10:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame BAE8 355 KB
140 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 10:14:48 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104092376-1&cid=1336554718.1643367822&jid=842799937&_u=YEBAAEAAAAAAAC~&z=709992956

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 11:03:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104092376-1&cid=1336554718.1643367822&jid=842799937&_u=YEBAAEAAAAAAAC~&z=709992956

Requested by

Host: win.omgsweeps.info
URL: https://win.omgsweeps.info/api/offer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 11:03:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BAE8 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 201492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 02 Feb 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAE8 15 KB
16 KB 33ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 258337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAE8 15 KB
15 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 230634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BAE8 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4ub21nc3dlZXBzLmluZm86NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=xwm5dbpfh1gv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 11:03:42 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 52B0 7 KB
1 KB 23ms
23ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c9c51d36bf956ea197da06093b0f2b71ed8b70e6f007aa7f6b861e0d16229542

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MFL6iYhgeAOuHk+6gFXCbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Jan 2022 11:03:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-MFL6iYhgeAOuHk+6gFXCbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 52B0 51 KB
24 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 17:10:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 52B0 355 KB
140 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 10:14:48 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 52B0 37 KB
22 KB 90ms
90ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f2c11bdf5cb46652e78970e5d4f0196c9b77b77f6009102c1b8e99156d088d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22883
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 11:03:42 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame F0A0 2 KB
1 KB 11ms
11ms Document
text/html 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5a95d1da723f3467fc8b7c39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://win.omgsweeps.info/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 28 Jan 2022 10:11:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: BHTbhU42-y1-j0vy_Un5Fd91BCQdcBRj3eUll9pHcaCiVNr-3vG7CA==
age: 3152

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 114ms
114ms Fetch
text/html 52.72.180.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5a95d1da723f3467fc8b7c39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.180.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-180-169.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://win.omgsweeps.info/
key: 5a95d1da723f3467fc8b7c39
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 28 Jan 2022 11:03:42 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 315ms
107ms Preflight 52.72.180.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.180.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-180-169.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://win.omgsweeps.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
225 B 101ms
100ms Fetch
text/html 52.207.0.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5a95d1da723f3467fc8b7c39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-0-73.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://win.omgsweeps.info/
key: 5a95d1da723f3467fc8b7c39
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win.omgsweeps.info
date: Fri, 28 Jan 2022 11:03:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 362ms
130ms Preflight
application/json 52.207.0.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-0-73.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://win.omgsweeps.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win.omgsweeps.info
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 52B0 600 B
624 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 177486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 02 Feb 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 52B0 530 B
554 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 21:24:06 GMT
x-content-type-options: nosniff
age: 308376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 31 Jan 2022 21:24:06 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 52B0 665 B
689 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:17:53 GMT
x-content-type-options: nosniff
age: 146749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 02 Feb 2022 18:17:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52B0 15 KB
15 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 258337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52B0 15 KB
15 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 06:37:10 GMT
x-content-type-options: nosniff
age: 15992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 06:37:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52B0 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 230634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:59:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 52B0 39 KB
39 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq24PGRCScouJgu71P5Vqitf5mkVFqa1_rmw_579v60OppoxcxvpCwanWTrzgQxvS6JhBGxFk98U8kilp8A0hwwlfPOwvWCnDHRnCtVvLoKPbaJ3ii1JqfKT-mMm40OpYaJABXSZGMZclTs9cWRE2E2cjOimEg3hVOK8Sce8tVJ2qOHoDWsve-2Av8_XUo8Dtp5qfizGo4lCeOF8GBRGI9cT7etzpm3UDCx1gZN4lcJhzr687N5U&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33041ea44c3636f051ee41d1665f6ee4d38010aff333c27faf8cff4786041881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:03:42 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39776
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 11:03:42 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:48:39	Name: _GRECAPTCHA Value: 09APj96hQe2l8PHw6qQzwMemXawPtThUiyZvNbkX8mtAbbJCG5Kb2W4IvgDp7B-V4KB1mRSJIUAl7vQi3qyuV5x1g
win.omgsweeps.info/	1969-12-31 23:59:59	Name: vertx-web.session Value: 4ef98a50ab050d7a52d61cb908c0c76a
.omgsweeps.info/	1970-01-20 02:39:03	Name: _gcl_au Value: 1.1.1088502481.1643367822
.bing.com/	1970-01-20 09:51:03	Name: MUID Value: 38D5D12F8877608613A7C01589A56128
.omgsweeps.info/	1970-01-20 00:30:54	Name: _uetsid Value: f42c68b0802911ecb2b499723d06fe3a
.omgsweeps.info/	1970-01-20 09:51:03	Name: _uetvid Value: f42cb730802911ec90e5ef46713d82ba
.omgsweeps.info/	1970-01-20 18:00:39	Name: _ga Value: GA1.2.1336554718.1643367822
.omgsweeps.info/	1970-01-20 00:30:54	Name: _gid Value: GA1.2.692890811.1643367822
.omgsweeps.info/	1970-01-20 00:29:27	Name: _gat Value: 1
win.omgsweeps.info/	1970-01-20 00:39:32	Name: AWSALB Value: beENXbXHr9pki/Nx2RbhIXOJJEr4F/BSGVCT7l5hfMN4M7LV3L+Q8i+pPyBfxn7CBIi7DZ3xAQUcfIavvHSx1za2JPJjRIE90DAwpWHkn0UviYzUSh8go1aEQ1nB
win.omgsweeps.info/	1970-01-20 00:39:32	Name: AWSALBCORS Value: beENXbXHr9pki/Nx2RbhIXOJJEr4F/BSGVCT7l5hfMN4M7LV3L+Q8i+pPyBfxn7CBIi7DZ3xAQUcfIavvHSx1za2JPJjRIE90DAwpWHkn0UviYzUSh8go1aEQ1nB

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/bootstrap0318.min.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/omgsweeps/animate.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/bde/BDE-uniquelandingpage-0514-v2.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/base.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/jqueryv1.10.2.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/validator.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/grand_prize.gif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/BDEsweepslogofinalnewnew.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/house.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/car.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/bde/vacation.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/sca-logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/FedEx-logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/images/omgsweeps/Citibank-logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/bde/BDE-uniquelandingpage-0514-v2.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/css/base.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/jqueryv1.10.2.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d3v7hbq4afry8x.cloudfront.net/js/omgsweeps/validator.js Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: https://win.omgsweeps.info/api/offer Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
bat.bing.com
d3v7hbq4afry8x.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
live.r3engage.com
psp.pushnami.com
stats.g.doubleclick.net
trc.pushnami.com
win.omgsweeps.info
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
108.157.4.80
2600:9000:2156:3800:16:a31f:4840:21
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
3.225.160.67
52.207.0.73
52.49.160.208
52.72.180.169
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
139b34ee12bf8ed58e2c655f08e325665aaa280459280f6b6fc9ce99e60e8147
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f2c11bdf5cb46652e78970e5d4f0196c9b77b77f6009102c1b8e99156d088d4
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2d1b4ad51a6d322b7b06445327083e3510de0945eece6f43188266e4d7ebe562
33041ea44c3636f051ee41d1665f6ee4d38010aff333c27faf8cff4786041881
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
52b578ba3e0ae9c2df664df71e59eff10ff3f6bba38c669b29ff0db880ddf374
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5792b2c695cea6551eb1d9b84a4ce1db45084a53d5f663311883e81d1fc1a556
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61689f3f8cb81a680436abea2be12be3d73e9ecd33e6b281dfb9a4600e11aead
6e3bad24966340371384bd301d22fc5c70b91f04c2c873a39a069865cf4a742f
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a75e9142333ae18ccf5b69eb2b63c7d5c575436e9c1b20d5b0462af2d4d1312
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3949f8a2b649ad1421629f87f07eeeb415f65f61a6195bf4a50f16605fa482c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9c51d36bf956ea197da06093b0f2b71ed8b70e6f007aa7f6b861e0d16229542
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb70c595f8c55628c0c796234268f869df625e5c21fbd02faeca47e0c26be25c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

win.omgsweeps.info Open in urlscan Pro 3.225.160.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

67 %IPv6

12 Domains

15 Subdomains

15 IPs

4 Countries

805 kBTransfer

1887 kBSize

11 Cookies

9 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

win.omgsweeps.info Open in urlscan Pro
3.225.160.67 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

805 kB
Transfer

1887 kB
Size

11
Cookies

61 HTTP transactions
0 data transactions