play.sweepstakesalerts.com Open in urlscan Pro
54.82.225.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 21 via api (April 21st 2023, 12:09:07 am UTC) from FI — Scanned from FI

Summary HTTP 122 Redirects Behaviour Indicators

Summary

This website contacted 61 IPs in 9 countries across 48 domains to perform 122 HTTP transactions. The main IP is 54.82.225.97, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is play.sweepstakesalerts.com. The Cisco Umbrella rank of the primary domain is 313093.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 28th 2023. Valid for: a year.

This is the only time play.sweepstakesalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	54.82.225.97 54.82.225.97	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
5	18.66.147.89 18.66.147.89	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
8	18.66.122.104 18.66.122.104	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:1000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2.16.186.224 2.16.186.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b110:3460:230f:215a:ce35	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.121.192 44.194.121.192	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	3.217.79.33 3.217.79.33	14618 (AMAZON-AES) (AMAZON-AES)
2	54.201.177.101 54.201.177.101	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:e600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.196.237.241 18.196.237.241	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.59.23.97 52.59.23.97	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	46.51.167.113 46.51.167.113	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 2	34.247.72.187 34.247.72.187	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.159.93.177 18.159.93.177	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:cb74:941d:17a3:a3a6	14618 (AMAZON-AES) (AMAZON-AES)
1	23.45.237.121 23.45.237.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.72.159.51 54.72.159.51	16509 (AMAZON-02) (AMAZON-02)
5	44.195.7.210 44.195.7.210	14618 (AMAZON-AES) (AMAZON-AES)
1	54.229.94.229 54.229.94.229	16509 (AMAZON-02) (AMAZON-02)
5	35.153.6.197 35.153.6.197	14618 (AMAZON-AES) (AMAZON-AES)
1	3.141.139.120 3.141.139.120	16509 (AMAZON-02) (AMAZON-02)
1	13.32.23.67 13.32.23.67	16509 (AMAZON-02) (AMAZON-02)
1	3.220.50.246 3.220.50.246	14618 (AMAZON-AES) (AMAZON-AES)
122	61

3 54.82.225.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-225-97.compute-1.amazonaws.com

play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.147.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-89.fra60.r.cloudfront.net

cdn.play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.122.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-104.fra60.r.cloudfront.net

plugin.ai.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-224.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:3460:230f:215a:ce35 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.121.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-121-192.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.217.79.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-79-33.compute-1.amazonaws.com

engine.ai.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.177.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-177-101.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:e600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.237.241 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-237-241.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.23.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-23-97.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.51.167.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-167-113.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.72.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-72-187.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.93.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-93-177.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:cb74:941d:17a3:a3a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.237.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-121.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.159.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-159-51.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.195.7.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-7-210.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.94.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-94-229.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.153.6.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-6-197.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.139.120 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-139-120.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-67.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.50.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-50-246.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sweepstakesalerts.com play.sweepstakesalerts.com — Cisco Umbrella Rank: 313093 cdn.play.sweepstakesalerts.com — Cisco Umbrella Rank: 445254 plugin.ai.sweepstakesalerts.com — Cisco Umbrella Rank: 789012 engine.ai.sweepstakesalerts.com — Cisco Umbrella Rank: 685430	662 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3191 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 sslwidget.criteo.com — Cisco Umbrella Rank: 1930 widget.us.criteo.com — Cisco Umbrella Rank: 17390 dis.criteo.com — Cisco Umbrella Rank: 941	29 KB
10	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	27 KB
7	trustedform.com cdn.trustedform.com — Cisco Umbrella Rank: 32889 api.trustedform.com — Cisco Umbrella Rank: 27503	42 KB
7	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	3 KB
6	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	4 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 19267	3 KB
5	google.fi www.google.fi — Cisco Umbrella Rank: 19881	707 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 794	103 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1073 trc.taboola.com — Cisco Umbrella Rank: 839 sync-t1.taboola.com — Cisco Umbrella Rank: 1472 trc-events.taboola.com — Cisco Umbrella Rank: 2128	20 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
3	gstatic.com fonts.gstatic.com	41 KB
3	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 64573 business.newsbreak.com — Cisco Umbrella Rank: 15879	3 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3443 rp.liadm.com — Cisco Umbrella Rank: 2091 rp4.liadm.com — Cisco Umbrella Rank: 5523	15 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	65 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 812	878 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1838	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	509 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	875 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1478 pixel.quantserve.com — Cisco Umbrella Rank: 1327	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	170 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 20671	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2576	269 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 807	337 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2613	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3632	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2806	400 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 976	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 987	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1620	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2879	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 612	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1151	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1622	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 535	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2185	172 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777	357 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 447	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 838	802 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 28325	39 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 477	397 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1291	1 KB
122	48

	Domain	Requested by
10	js-agent.newrelic.com	play.sweepstakesalerts.com
8	plugin.ai.sweepstakesalerts.com	play.sweepstakesalerts.com plugin.ai.sweepstakesalerts.com
5	create.leadid.com	play.sweepstakesalerts.com deviceid.trueleadid.com
5	api.trustedform.com	cdn.trustedform.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.google.fi	play.sweepstakesalerts.com
5	analytics.tiktok.com	play.sweepstakesalerts.com analytics.tiktok.com
5	cdn.play.sweepstakesalerts.com	play.sweepstakesalerts.com cdn.trustedform.com
4	engine.ai.sweepstakesalerts.com	play.sweepstakesalerts.com
4	www.google.com	3 redirects play.sweepstakesalerts.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com play.sweepstakesalerts.com
3	googleads.g.doubleclick.net	3 redirects
3	region1.analytics.google.com	www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googleadservices.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com play.sweepstakesalerts.com
3	play.sweepstakesalerts.com	play.sweepstakesalerts.com
2	trc-events.taboola.com	play.sweepstakesalerts.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	cdn.trustedform.com	plugin.ai.sweepstakesalerts.com cdn.trustedform.com
2	business.newsbreak.com	static.newsbreak.com
2	stats.g.doubleclick.net	www.googletagmanager.com play.sweepstakesalerts.com
2	fonts.googleapis.com	cdn.play.sweepstakesalerts.com client
2	www.googletagmanager.com	play.sweepstakesalerts.com www.googletagmanager.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	create.lidstatic.com	plugin.ai.sweepstakesalerts.com
1	bam.nr-data.net	js-agent.newrelic.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	play.sweepstakesalerts.com
1	pixel.quantserve.com	play.sweepstakesalerts.com
1	trc.taboola.com	cdn.taboola.com
1	rp4.liadm.com	play.sweepstakesalerts.com
1	rp.liadm.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	static.newsbreak.com	play.sweepstakesalerts.com
1	dynamic.criteo.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	cdn.taboola.com	play.sweepstakesalerts.com
1	secure.quantserve.com	www.googletagmanager.com
122	68

This site contains no links.

Subject Issuer	Validity	Valid
sweepstakesalerts.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.play.sweepstakesalerts.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-17`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.ai.financebuzz.com Amazon RSA 2048 M01	`2023-04-10` - `2024-05-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.ai.sweepstakesalerts.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-11`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 7 frames:

Primary Page: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Frame ID: FC78B037F9621A567CA8C2CFCEB3E836
Requests: 84 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag
Frame ID: 8E08B57DD006C15C56EE1BB63F5DD123
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30
Frame ID: BCF8046EB17E9CA95752D095589154CE
Requests: 27 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: B30AAD62F6389CE572378BD1BEDA9864
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/snapshot
Frame ID: 03D49CC119A1593D34893D805932805D
Requests: 4 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6
Frame ID: F37C339AAF5B50E4AA6E9FC4B9A4D8A3
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6
Frame ID: 486DC73B4837DF6E7F5CCF7E231CB310
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win $5k Questions

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

122
Requests

87 %
HTTPS

30 %
IPv6

48
Domains

68
Subdomains

61
IPs

9
Countries

1273 kB
Transfer

4635 kB
Size

66
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HdRBZLCDCM_IxwKwg7UQ&sscte=1&crd=&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C_MdMe9JDvdPLJaxm_CfScfehXgSWPJ734&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlKR0dzdXNkajNIMXRWUl9iMy1oUGg2dlIwd1pJenJyc0ZuQ1FDQ0poNHpHOTVwWTBqREdNQ08tUQ HTTP 302
https://www.google.com/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlKR0dzdXNkajNIMXRWUl9iMy1oUGg2dlIwd1pJenJyc0ZuQ1FDQ0poNHpHOTVwWTBqREdNQ08tUQ&is_vtc=1&ocp_id=HdRBZLCDCM_IxwKwg7UQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-tREofNYTKDRd5xhLOxH3H6nelY0i-FMk&random=3917144991 HTTP 302
https://www.google.fi/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlKR0dzdXNkajNIMXRWUl9iMy1oUGg2dlIwd1pJenJyc0ZuQ1FDQ0poNHpHOTVwWTBqREdNQ08tUQ&is_vtc=1&ocp_id=HdRBZLCDCM_IxwKwg7UQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-tREofNYTKDRd5xhLOxH3H6nelY0i-FMk&random=3917144991&ipr=y&prhg=0

Request Chain 32

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HdRBZPGDCJTC1wbTwIf4AQ&sscte=1&crd=&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C89L5lAUPZ_i2QOB9XjfTbp_x5t8aAvpmw&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlJV3dSdGlZZnhpRC1tM2pvbUFOM2I5VTRtYVhYemU3Vmhlb1dHQlpnVEotWEJHbDBuLVJpdVlyUQ HTTP 302
https://www.google.com/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlJV3dSdGlZZnhpRC1tM2pvbUFOM2I5VTRtYVhYemU3Vmhlb1dHQlpnVEotWEJHbDBuLVJpdVlyUQ&is_vtc=1&ocp_id=HdRBZPGDCJTC1wbTwIf4AQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-ufg4KfzajXJLMsJYTL2hsjd4h4hXChjY&random=2156556188 HTTP 302
https://www.google.fi/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlJV3dSdGlZZnhpRC1tM2pvbUFOM2I5VTRtYVhYemU3Vmhlb1dHQlpnVEotWEJHbDBuLVJpdVlyUQ&is_vtc=1&ocp_id=HdRBZPGDCJTC1wbTwIf4AQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-ufg4KfzajXJLMsJYTL2hsjd4h4hXChjY&random=2156556188&ipr=y&prhg=0

Request Chain 35

https://rp.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiAkNWsgUXVlc3Rpb25zPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiAkNWsgUXVlc3Rpb25zPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6MmU%3D&n3pc=true

Request Chain 36

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HdRBZJ2tCsqF1gbs1bL4Ag&sscte=1&crd=&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C9-tQZlC-j5Y6zd7Prn0egAtuTVbNw-Bjc&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlMR1FyTGo2Sjh5VWx5cU1xUXdjNEp1b2V5Q3VjUHFTRlFaaU9pVjNSSmp4TlJGbk1qMkgyOTJ1QQ HTTP 302
https://www.google.com/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlMR1FyTGo2Sjh5VWx5cU1xUXdjNEp1b2V5Q3VjUHFTRlFaaU9pVjNSSmp4TlJGbk1qMkgyOTJ1QQ&is_vtc=1&ocp_id=HdRBZJ2tCsqF1gbs1bL4Ag&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C_0EMge2Jn-zYAR6_W_VsaB72FzJfWPJcA&random=730021631 HTTP 302
https://www.google.fi/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlMR1FyTGo2Sjh5VWx5cU1xUXdjNEp1b2V5Q3VjUHFTRlFaaU9pVjNSSmp4TlJGbk1qMkgyOTJ1QQ&is_vtc=1&ocp_id=HdRBZJ2tCsqF1gbs1bL4Ag&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C_0EMge2Jn-zYAR6_W_VsaB72FzJfWPJcA&random=730021631&ipr=y&prhg=0

Request Chain 51

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=A64OEXxRaUdoNW15REpSTXd4WEJoWTJtdHhQMnVZS1g4YzI0NkJua0tUajNTLzN4QXp2VjJuekNBZUtrM2VNRGVvVmQ5ZWtIOWJWTWplMEVGeTRoSStSY1MrME5yZE5NMVJPUGYzd0ZxTURmOGpZcmNOKzBXOThUMDRJMTIvaDJVdnpreEJ5T0Ura2pKdzR4RVRWQjdQU3FRb3lBMTRyc1c1Q2llVkZ6SmVvRzNJTk9PdndUTVhOdmNaYyt2Wm9uQlRQUHhBcEpBazJqdUg3ckdQRzBWaStocmlOcnlMaHcyYzRJSkZHQU9ubDdtRlJOYUNvRzZOMzBnY0YyMXZTbTRRWk9iSmtoMXR3Y3pGeFdaYzlucFFpOWxxQkxkWktNTzdDSjY3bWwvekYwYnB0Yz18&cppv=2

Request Chain 58

https://sslwidget.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=fNMIKV8yRGN4NW43eEJ0N3ZkSnd6VUZiQjFkTGNzVWRPbDZKQTJTU1UzeTQxazJITFdpMWJLRVBvMzFOMDhMZzhMWVVtQjNPN2ZkWUt2djBicXFiYjJ3SVMxVndybHYlMkZOZmQ5bmdpV2duWlhsUmFETWVER3dnYzZEZXlDNnV2MTQlMkZuTVFUNlZ0SXAlMkJuY200VFMlMkZDN2FKYUxLcG83cEtIZ3RiTEwwOWJPZkNCcUF4MCUzRA&tld=sweepstakesalerts.com&dy=1&fu=https%253A%252F%252Fplay.sweepstakesalerts.com%252Fwin-5000%252Fwin-5k-questions%252F490%253Fpassed%253Dtrue&ceid=ec984cb0-c604-4606-9ec1-2b8edac91206&dtycbr=91154 HTTP 302
https://widget.us.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=fNMIKV8yRGN4NW43eEJ0N3ZkSnd6VUZiQjFkTGNzVWRPbDZKQTJTU1UzeTQxazJITFdpMWJLRVBvMzFOMDhMZzhMWVVtQjNPN2ZkWUt2djBicXFiYjJ3SVMxVndybHYlMkZOZmQ5bmdpV2duWlhsUmFETWVER3dnYzZEZXlDNnV2MTQlMkZuTVFUNlZ0SXAlMkJuY200VFMlMkZDN2FKYUxLcG83cEtIZ3RiTEwwOWJPZkNCcUF4MCUzRA&tld=sweepstakesalerts.com&dy=1&fu=https%253A%252F%252Fplay.sweepstakesalerts.com%252Fwin-5000%252Fwin-5k-questions%252F490%253Fpassed%253Dtrue&ceid=ec984cb0-c604-4606-9ec1-2b8edac91206&dtycbr=91154

Request Chain 75

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_cm&google_hm=ay03MnJveTRVeEEwLXp1aXFmVUZNUUtsN1lUSldPUTNDNVFxUmRJZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_gid=CAESEArcX8aE3N-7mLpnuEfa22U&google_cver=1&google_ula=913071,0

Request Chain 77

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4853351913472758427

Request Chain 78

https://secure.adnxs.com/setuid?entity=52&code=k-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ

Request Chain 86

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q&verify=true

Request Chain 89

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw&C=1

Request Chain 90

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl

Request Chain 92

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA

Request Chain 102

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=jxGZvrsrDWceHV5z6EG466Rgdvg6QuL-

Request Chain 104

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EvSI91wxhrPf7ng6DcyOoYp8AKbeWdPk

122 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 490 Show response
play.sweepstakesalerts.com/win-5000/win-5k-questions/ 69 KB
28 KB 485ms
204ms Document
text/html 54.82.225.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.225.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-225-97.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

3b04253f300447bb6dba2eccb97625123442d30d5f11933955accbfc1b9b46c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 00:09:00 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
87 KB 219ms
85ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bafeecbda4804fb203b5a59c3486217afc6b6a1016df542af1bee4830b24807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 00:09:00 GMT

GET
H2 200 34a85a69b16a.css
cdn.play.sweepstakesalerts.com/static/css/ 34 KB
8 KB 192ms
62ms Stylesheet
text/css 18.66.147.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:13:55 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Wed, 22 May 2019 15:19:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 147306
etag: "977751e0bba21d85af41821971fcff8f"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7673
x-amz-cf-id: wp9ECVN8lbnE6IduPxsgsc3sDKtX9ygog7z4QvqXoUrpamgrSCUt1w==

GET
H2 200 0c1ef8eb68bf.js Show response
cdn.play.sweepstakesalerts.com/static/js/ 99 KB
35 KB 190ms
63ms Script
application/javascript 18.66.147.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/0c1ef8eb68bf.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:02:06 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 13:55:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 346014
etag: "0f60a24d65cb9143289f788221acedb4"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34936
x-amz-cf-id: hkhg1eJY3SlIGVKy0fOqxqOEXJFjVxwhoyyqLAsIGoZXslJ5zn0GrA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 203ms
72ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: cdn.play.sweepstakesalerts.com
URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cdn.play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 00:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:57:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 00:09:00 GMT

GET
H2 200 bg-money-orange.jpg
cdn.play.sweepstakesalerts.com/static/img/ 164 KB
164 KB 62ms
62ms Image
image/jpeg 18.66.147.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/bg-money-orange.jpg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df56f740d4cddadaaee90c2b03a8c20a31f57bc2ee5db684813eab504a227d41

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 23:11:00 GMT
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 262681
etag: "33333f02c61d6968d3ce4d93a970df87"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 167752
x-amz-cf-id: CxdETf_yPX1KUr2wcDQmRKjVWQqm9XL_sR8YlHuMqhGFPiPVVc5p9A==

GET
H2 200 logo-sweepstakesalerts-white.svg
cdn.play.sweepstakesalerts.com/static/img/ 29 KB
12 KB 136ms
136ms Image
image/svg+xml 18.66.147.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/logo-sweepstakesalerts-white.svg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 03:00:59 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 162482
etag: "e4a2eb296ca372f408d8900e1adafe1e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11443
x-amz-cf-id: PqCmraKjX_5MPKoXgMc4wbiliLMWjnB39liOzEXrvdlL_Ia8BccebQ==

GET
H2 200 alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 342 KB
96 KB 209ms
68ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02e74f08ea4b15f968aeb12150c49f32c252b18b9a52f58b3f41e6ccee23fc93

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:14 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26395
x-amz-server-side-encryption: AES256
etag: W/"804c45df59096f28594f5d5778379415"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Ed5m7dNuX9nAvLrYB_aMmR3G5NzS5OexyAQCufLBE63-32wU-WBk8g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
83 KB 80ms
78ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62dcd1e435949453d67f1ae4e48e5bc3e1f58c53923be1ea33a29a3734939e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 00:09:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 113 KB
44 KB 251ms
119ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W6DW6GG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a830974a9e1b328960ed95bc03e3970e99f8d1902a8c86e18d6c5fefcd9e91cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 00:09:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 189ms
61ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 22:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 00:27:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 237ms
88ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Apr 2023 00:09:00 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C50EB92E90BD48828C36CBA63484D048 Ref B: FRAEDGE1721 Ref C: 2023-04-21T00:09:01Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12048

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 193ms
56ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 28 Apr 2023 00:09:01 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/944441858/ 3 KB
2 KB 235ms
77ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944441858/?random=1682035740935&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&bttype=purchase&auid=1685992995.1682035741&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bbd519e47eee3028faac088704d2b5e2d5f7c66a90aedd53edc260869c07b892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/944467835/ 3 KB
2 KB 230ms
77ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944467835/?random=1682035740945&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&bttype=purchase&auid=1685992995.1682035741&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8affedcc1c7a0cd6607c04d0d89a719d89eca6ed55795b78aa49f4fdc036f359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1163270/ 58 KB
18 KB 370ms
250ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41c212effec4cc2acf8ced3b71642e4f55460bee887bb7d6601ca1510236a3d0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SwDPg3kIRNiOYTz0kUBNM5.C9anhz76L
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:01 GMT
x-amz-request-id: MY4PC96ZCMDRGYVC
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18201
x-amz-id-2: hafevGqNN5JZurYs/QAZQkOj6vK2aWNBkcFpacPwPmEPV7Ofy3762PStESX/oB5Dk8DcstsIU20=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 16 Apr 2023 11:21:40 GMT
server: AmazonS3
x-timer: S1682035741.091094,VS0,VE195
etag: "b752df077ca0b5aed9b3dbe398d43e83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 a-01nn.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 237ms
69ms Script
application/javascript 2600:9000:223c:1000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01nn.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 41a715a09c8b0a330db8b978e6d399bf7a500090fbc853ce78cd70212118cb26

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:22:48 GMT
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 63973
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: T0k5ZuMd6RJTulC9isMdJzCUKojMeykt2AbzFtcGmSsqWFnPYPfnRg==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 251ms
112ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=84770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c5b9d2bad54a08e3f39be1a4689731a77928c974c9295b8e270469ed93925cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 373ms
163ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCSD5RC77U5BM7P156G&lib=ttq
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5a55b04b275039ff9f15108546c5a971ac008c9e69c45acede48f1d8b80fea48

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: cb49155.1a1f0f2c
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 104,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=9, inner; dur=4
content-length: 1525
pragma: no-cache
server: nginx
x-tt-logid: 20230421000901A3EE9AD8C261287B8024
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4-47547456) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,104.96.220.52
x-tt-trace-host: 010bf1c7d313b4c19406b050dbe963a0a8477a7733a6de8c935f89f76fe6504e2e99e4a775d47f23cf231075e57f2b0da9c8b8cb02505ab23f3ec34dee387ca4e2e80e72431d9381427c950f784b90015c6a942deae43bd70d8197ecdeea354f7e869c9df6c40fbfe299be522c4b915f7b
expires: Fri, 21 Apr 2023 00:09:01 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 216ms
61ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1682121600000
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 15:04:18 GMT
x-amz-cf-pop: FRA60-P3
age: 52312
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ykPOLwkXyIRPw5ENai40Jw1H_ToSQQnp72SbDIdlv0UhbqtKHdE0vw==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/944441858/ 3 KB
2 KB 75ms
75ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944441858/?random=1682035740942&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&bttype=purchase&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

145c31af1cf0daccafd54a195fd19d5ad9a9a3d828045d602644fb8dc5aa6b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1646
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 193ms
61ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 221870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 119ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q9WRQ78FTS&gtm=45je34j0&_p=1066966329&_gaz=1&cid=192333882.1682035741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682035741&sct=1&seg=0&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&dt=Win%20%245k%20Questions&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 207ms
66ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q9WRQ78FTS&cid=192333882.1682035741&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 221ms
75ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q9WRQ78FTS&cid=192333882.1682035741&gtm=45je34j0&aip=1&z=258835575

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 retry-axios.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 3 KB
1 KB 59ms
58ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/retry-axios.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce6ac8efcf2caa6e8fa7fcc25ec43f540581ef6193a333ad0a2dfd56f4e21294

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 23:02:19 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 17195
x-amz-server-side-encryption: AES256
etag: W/"47627d9a3ad459455b87ceee596cbc90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: AKH0EqeLhMltMhn5Im-rYxsDg8pR9a-luVJfIKxtEsG7le-rBLT1iA==

GET
H2 200 8.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 67 KB
19 KB 67ms
66ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/8.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdeee3c026e414a8aa3a238e6e96879ddc5370074442c49d9076fea60c7f725c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:15 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26394
x-amz-server-side-encryption: AES256
etag: W/"c71fea30486d840c22e5b53b509f3a3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: WnBgFctKLE6wOWftVfT0ygTLYPDDap6dCoXMxOvRCNVSo-fg31og6Q==

GET
H2 200 578.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 13 KB
6 KB 67ms
65ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/578.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5c94a4cb252d381bb6f87eb00616fbb91b12059889436867031584a88364627

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:15 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26394
x-amz-server-side-encryption: AES256
etag: W/"cb4c7d6d258c649a6417435186b1c1ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 6NkX68ih_PKyF47WNWjWh6F1PTB89GFIfgxFg2Vm5_9FhECWWOuSWw==

GET
H2 200 multistep.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 71 KB
17 KB 75ms
73ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/multistep.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f60834e4c629ff948656934f04b8f97e61596e1c9016a22fc4eca02db7d1410c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:15 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26394
x-amz-server-side-encryption: AES256
etag: W/"1269657597d6530a454f3083abf9ef29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: BVBWQ5aNbBihTSQYn3JzIC5EjbFBVoXLBhoOybMLKJFdvMzf2_uvvg==

GET
H2 200 786.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 26 KB
9 KB 82ms
80ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/786.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f194c666906f15617900275f0ca12c391a7190a17e339f2b67b1064d1f14664c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:15 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26394
x-amz-server-side-encryption: AES256
etag: W/"a4843e1db19c6b466a6683d953515df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: jRNUo8NCYscUa3iZQmRbtb7CsSuiKD8CNzYzgpjZvjZRKSmsz38K_Q==

GET
H2 200 events.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 240 KB
36 KB 81ms
80ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/events.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6d890d34a1a089c113970a948a1fb81bf597dba45cf5280fe1fd1e0281f0202

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:49:08 GMT
content-encoding: br
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26394
x-amz-server-side-encryption: AES256
etag: W/"974982bca71e669f427bd05658f309ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: TWCkHz6iRALCvT5UCgkjpoantN4sr3Ob6TEjfwt0f1nvjgQadOSVsw==

GET
H2 200 rules-p-KgfKnLKEydhQX.js Show response
rules.quantcount.com/ 663 B
1 KB 208ms
60ms Script
application/javascript 2600:9000:223c:200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-KgfKnLKEydhQX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 23:10:30 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 663
last-modified: Wed, 09 Oct 2019 21:46:18 GMT
server: AmazonS3
etag: "24bfe90597a01d37400814a2e514eed3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 2JmaHdJ7QUV-UXcvBdSOe3SY7xF3Srf2TBISakokDa8LDTJ1miYdqg==

GET
H3

200

/
www.google.fi/pagead/1p-conversion/944441858/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay...
https://www.google.com/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.co...
https://www.google.fi/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com...

42 B
64 B

78ms
78ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlKR0dzdXNkajNIMXRWUl9iMy1oUGg2dlIwd1pJenJyc0ZuQ1FDQ0poNHpHOTVwWTBqREdNQ08tUQ&is_vtc=1&ocp_id=HdRBZLCDCM_IxwKwg7UQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-tREofNYTKDRd5xhLOxH3H6nelY0i-FMk&random=3917144991&ipr=y&prhg=0

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/944441858/?random=1518356268&cv=11&fst=1682035740935&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=DP8vCP33hsUBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlKR0dzdXNkajNIMXRWUl9iMy1oUGg2dlIwd1pJenJyc0ZuQ1FDQ0poNHpHOTVwWTBqREdNQ08tUQ&is_vtc=1&ocp_id=HdRBZLCDCM_IxwKwg7UQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-tREofNYTKDRd5xhLOxH3H6nelY0i-FMk&random=3917144991&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.fi/pagead/1p-conversion/944467835/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay...
https://www.google.com/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.co...
https://www.google.fi/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com...

42 B
64 B

79ms
78ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlJV3dSdGlZZnhpRC1tM2pvbUFOM2I5VTRtYVhYemU3Vmhlb1dHQlpnVEotWEJHbDBuLVJpdVlyUQ&is_vtc=1&ocp_id=HdRBZPGDCJTC1wbTwIf4AQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-ufg4KfzajXJLMsJYTL2hsjd4h4hXChjY&random=2156556188&ipr=y&prhg=0

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/944467835/?random=1464008033&cv=11&fst=1682035740945&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=JROgCLuylIAYEPvercID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlJV3dSdGlZZnhpRC1tM2pvbUFOM2I5VTRtYVhYemU3Vmhlb1dHQlpnVEotWEJHbDBuLVJpdVlyUQ&is_vtc=1&ocp_id=HdRBZPGDCJTC1wbTwIf4AQ&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C-ufg4KfzajXJLMsJYTL2hsjd4h4hXChjY&random=2156556188&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
189 B 68ms
68ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1066966329&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&ul=en-us&de=UTF-8&dt=Win%20%245k%20Questions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1148599375&gjid=92078858&cid=192333882.1682035741&tid=UA-46324972-3&_gid=1252704147.1682035741&_r=1&_slc=1&gtm=45He34j0n81P7FW2V8&cd3=490&cd4=&cd7=&cd8=&cd11=&cd12=&z=456883089

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
play.sweepstakesalerts.com/session/ 0
534 B 146ms
146ms XHR
text/html 54.82.225.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/session/?ga_client_id=192333882.1682035741

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.225.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-225-97.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
sentry-trace: 96ee2c435bff49dbbb28017580844ce5-b864f06d66245c63-0

Response headers

date: Fri, 21 Apr 2023 00:09:01 GMT
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4AFlZdVQgSTEFYUhEXC0VSFAM8EVURSwtXVhYeA0kJTwFRBFRXBQVRX1EKCwVVVFQFBBtLVR0UAgFXUgRWU1kHDFsGU1JSAEMdB1IOF1Nq
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&pu...
https://rp4.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&p...

13 B
552 B

479ms
137ms

XHR
application/json

44.194.121.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiAkNWsgUXVlc3Rpb25zPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6MmU%3D&n3pc=true

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Server

44.194.121.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-121-192.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
x-pixel-event-id: f04e0417-5045-4922-8c99-6026e8f83c1d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 3dff1ba8ee3e4732
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 21 Apr 2023 00:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1682035741297&aid=a-01nn&se=eyJldmVudCI6ImNvbnZlcnNpb24iLCJuYW1lIjoiZGVsaXZlcnlfYWRkcmVzcyIsImVtYWlsIjoiIn0&duid=b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am&tna=v2.7.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiAkNWsgUXVlc3Rpb25zPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6MmU%3D&n3pc=true
access-control-allow-origin: https://play.sweepstakesalerts.com
request-time: 0
access-control-allow-credentials: true
trace-id: 09c152c39f20b95a
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

/
www.google.fi/pagead/1p-conversion/944441858/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay...
https://www.google.com/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.co...
https://www.google.fi/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com...

42 B
64 B

76ms
76ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlMR1FyTGo2Sjh5VWx5cU1xUXdjNEp1b2V5Q3VjUHFTRlFaaU9pVjNSSmp4TlJGbk1qMkgyOTJ1QQ&is_vtc=1&ocp_id=HdRBZJ2tCsqF1gbs1bL4Ag&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C_0EMge2Jn-zYAR6_W_VsaB72FzJfWPJcA&random=730021631&ipr=y&prhg=0

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/944441858/?random=1697076902&cv=11&fst=1682035740942&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&label=IRcKCLinkuEBEIKUrMID&hn=www.googleadservices.com&frm=0&tiba=Win%20%245k%20Questions&value=0&auid=1685992995.1682035741&ec_mode=c&uamb=0&uaw=0&em=tv.1~pn.e0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RtX3FlaER1ZEpWOFdIVWs5Rm1sa0gxUlJkd05PTzA4WTdYcW9hM2JURjNmU1EaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlMR1FyTGo2Sjh5VWx5cU1xUXdjNEp1b2V5Q3VjUHFTRlFaaU9pVjNSSmp4TlJGbk1qMkgyOTJ1QQ&is_vtc=1&ocp_id=HdRBZJ2tCsqF1gbs1bL4Ag&eitems=ChEI8MWDogYQvubZl-bdyqDyARIdAD742C_0EMge2Jn-zYAR6_W_VsaB72FzJfWPJcA&random=730021631&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26042910.js Show response
bat.bing.com/p/action/ 0
117 B 165ms
164ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26042910.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 21 Apr 2023 00:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 434D1043C0D14660876AE8B57E9FE543 Ref B: FRAEDGE1721 Ref C: 2023-04-21T00:09:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 93ms
92ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26042910&tm=gtm002&Ver=2&mid=8c59d980-ec9f-45c2-9a11-cbbfabccc3ff&sid=b81ca320dfd811eda68dd714689b47d8&vid=b81ce7a0dfd811ed9d9e352dfac79613&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Win%20%245k%20Questions&p=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&r=&lt=906&evt=pageLoad&sv=1&rn=874219

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Apr 2023 00:09:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 798D5D8FCA7B4C638DAD5580DC6017F7 Ref B: FRAEDGE1721 Ref C: 2023-04-21T00:09:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8E08 15 KB
6 KB 180ms
57ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=84770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 00:09:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 341900
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 /
engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/ Frame 0
0 428ms
137ms Preflight
text/html 3.217.79.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/?init=eyJmaXJzdG5hbWUiOiIiLCJsYXN0bmFtZSI6IiIsImVtYWlsIjoiIiwibWQ1ZW1haWwiOiIiLCJhZGRyZXNzIjoiIiwiYWRkcmVzczIiOiIiLCJjaXR5IjoiIiwic3RhdGUiOiIiLCJ6aXBjb2RlIjoiIiwicGhvbmUiOiIiLCJnZW5kZXIiOiIiLCJkb2IiOiIiLCJ4MSI6IiIsIngyIjoiIiwieDMiOiIiLCJ4NCI6IiIsIng1IjoiIiwieDYiOiIiLCJ4NyI6IjEwMjUiLCJ4OCI6Ijg5IiwieDkiOiI0OTAiLCJ4MTAiOiIiLCJlbWFpbF9wbGF0Zm9ybSI6IiIsImVtYWlsX3NlbmRlciI6IiIsImVtYWlsX3NlbmRlcl9kb21haW4iOiIiLCJlbWFpbF9tZXNzYWdlX2lkIjoiIiwiZW1haWxfbWVzc2FnZV92ZXJzaW9uX2lkIjoiIiwiZW1haWxfc3Vic2NyaWJlcl9pZCI6IiIsImVtYWlsX2RvbWFpbiI6IiIsInB1c2hfcGxhdGZvcm0iOiIiLCJwdXNoX3NpdGUiOiIiLCJwdXNoX21lc3NhZ2VfaWQiOiIiLCJwdXNoX21lc3NhZ2VfdmVyc2lvbl9pZCI6IiIsInB1c2hfc3Vic2NyaWJlcl9pZCI6IiIsInNvdXJjZSI6IiIsImNhbXBhaWduIjoiIiwibWVkaXVtIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJrZXl3b3JkIjoiIiwiYWRncm91cGlkIjoiIiwiY2FtcGFpZ25pZCI6IiIsImNsaWNraWQiOiIiLCJnY2xpZCI6IiIsImZiY2xpZCI6IiIsIm1zY2xraWQiOiIiLCJnYWNsaWVudGlkIjoiIiwiZmJwIjoiIiwicmVnaXN0cmF0aW9uX3RydXN0ZWRfZm9ybSI6IiIsInJlZ2lzdHJhdGlvbl9qb3JuYXlhIjoiIiwicGFnZV9zbHVnIjoiL3dpbi01MDAwL3dpbi01ay1xdWVzdGlvbnMvNDkwIiwicmVmZXJyZXJfdXJsIjoiIiwiZGF0YV9hdHRycyI6IiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.79.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-79-33.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://play.sweepstakesalerts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-request-id, sentry-trace
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://play.sweepstakesalerts.com
access-control-expose-headers: X-Request-ID
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 00:09:01 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin
x-request-id: c5cf9ec02c3342638b2fe563952da151

GET
H2 200 tailwind.alpha-intent.js Show response
plugin.ai.sweepstakesalerts.com/ 2 MB
154 KB 63ms
63ms Script
text/javascript 18.66.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.ai.sweepstakesalerts.com/tailwind.alpha-intent.js
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/alpha-intent.js?20233210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db284d18b3f823c159cd9358d83bfc452d1accefe26e2392f224c0183123ee9d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 21:25:16 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 16:38:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 26393
x-amz-server-side-encryption: AES256
etag: W/"739f3dd0002f813121a81817ca1f8f88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ElgAbLzYkaifrc4t1F6IF4asYc-ZNwMym3nzVjt3RLkDaaJ6Eb133A==

GET
H2 200 / Show response
engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/ 32 KB
33 KB 601ms
320ms XHR
application/json 3.217.79.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/?init=eyJmaXJzdG5hbWUiOiIiLCJsYXN0bmFtZSI6IiIsImVtYWlsIjoiIiwibWQ1ZW1haWwiOiIiLCJhZGRyZXNzIjoiIiwiYWRkcmVzczIiOiIiLCJjaXR5IjoiIiwic3RhdGUiOiIiLCJ6aXBjb2RlIjoiIiwicGhvbmUiOiIiLCJnZW5kZXIiOiIiLCJkb2IiOiIiLCJ4MSI6IiIsIngyIjoiIiwieDMiOiIiLCJ4NCI6IiIsIng1IjoiIiwieDYiOiIiLCJ4NyI6IjEwMjUiLCJ4OCI6Ijg5IiwieDkiOiI0OTAiLCJ4MTAiOiIiLCJlbWFpbF9wbGF0Zm9ybSI6IiIsImVtYWlsX3NlbmRlciI6IiIsImVtYWlsX3NlbmRlcl9kb21haW4iOiIiLCJlbWFpbF9tZXNzYWdlX2lkIjoiIiwiZW1haWxfbWVzc2FnZV92ZXJzaW9uX2lkIjoiIiwiZW1haWxfc3Vic2NyaWJlcl9pZCI6IiIsImVtYWlsX2RvbWFpbiI6IiIsInB1c2hfcGxhdGZvcm0iOiIiLCJwdXNoX3NpdGUiOiIiLCJwdXNoX21lc3NhZ2VfaWQiOiIiLCJwdXNoX21lc3NhZ2VfdmVyc2lvbl9pZCI6IiIsInB1c2hfc3Vic2NyaWJlcl9pZCI6IiIsInNvdXJjZSI6IiIsImNhbXBhaWduIjoiIiwibWVkaXVtIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJrZXl3b3JkIjoiIiwiYWRncm91cGlkIjoiIiwiY2FtcGFpZ25pZCI6IiIsImNsaWNraWQiOiIiLCJnY2xpZCI6IiIsImZiY2xpZCI6IiIsIm1zY2xraWQiOiIiLCJnYWNsaWVudGlkIjoiIiwiZmJwIjoiIiwicmVnaXN0cmF0aW9uX3RydXN0ZWRfZm9ybSI6IiIsInJlZ2lzdHJhdGlvbl9qb3JuYXlhIjoiIiwicGFnZV9zbHVnIjoiL3dpbi01MDAwL3dpbi01ay1xdWVzdGlvbnMvNDkwIiwicmVmZXJyZXJfdXJsIjoiIiwiZGF0YV9hdHRycyI6IiJ9

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.79.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-79-33.compute-1.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

80c99e4bce16cad454f7f0717da866e1454f2dd8b41d0d7129bb5704646d72ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-request-id: e38d0d5d2b3047e08d92609b1caec150

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
vary: Origin, Cookie
content-type: application/json
access-control-allow-origin: https://play.sweepstakesalerts.com
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 32379
x-request-id: e38d0d5d2b3047e08d92609b1caec150

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 65ms
65ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-46324972-3&cid=192333882.1682035741&jid=1148599375&gjid=92078858&_gid=1252704147.1682035741&_u=aADAAEAAQAAAACAAI~&z=604389322

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 00:09:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1163270/trc/3/ 3 KB
2 KB 136ms
130ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1163270/trc/3/json?tim=1682035741379&data=%7B%22id%22%3A490%2C%22ii%22%3A%22%2Fwin-5000%2Fwin-5k-questions%2F490%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1682035741367%2C%22cv%22%3A%2220230416-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpassed%3Dtrue%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbuzzery-sweepstakes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1682035741377%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63ff421577be3b20599ab40709f0955c4be201a18304d3b1af4e7b816d2aaae4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 75
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230111-FRA
server: nginx
x-timer: S1682035741.411264,VS0,VE75
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 573ms
188ms Ping
application/json 54.201.177.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1561851096954953730&uid=1-1ypplqc3-lgpsngeo&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&rl=&ts=1682035740950&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Win%20%245k%20Questions&bn=Chrome%20112&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1682121600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.177.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-177-101.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 564ms
189ms Ping
application/json 54.201.177.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1561851096954953730&uid=1-1ypplqc3-lgpsngeo&ev=conversion_event&ed=&v=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&rl=&ts=1682035741398&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Win%20%245k%20Questions&bn=Chrome%20112&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1682121600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.177.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-177-101.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 208ms
74ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46324972-3&cid=192333882.1682035741&jid=1148599375&_u=aADAAEAAQAAAACAAI~&z=1405568997

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46324972-3&cid=192333882.1682035741&jid=1148599375&_u=aADAAEAAQAAAACAAI~&z=1405568997

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=413507710;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue;uht=2;fpan=1;fpa=P0-1998019231-1682035741256;pbc...
pixel.quantserve.com/ 35 B
372 B 66ms
56ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=413507710;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue;uht=2;fpan=1;fpa=P0-1998019231-1682035741256;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=sweepstakesalerts.com;dst=0;et=1682035741469;tzo=0;ogl=;ses=900a30a6-41e3-4aed-90e2-aaf5fa4888ad

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 main.MTFlZGFkNDkwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 256 KB
69 KB 59ms
59ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCSD5RC77U5BM7P156G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 1a1f0f3d
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202304181345564D338736EABF9EA5E65F
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f3b2aa023f691b51fd012907ff3edf0ab37ebcfcd3318a35ace05ea74d93bb336dd483ffd9b3e3530db327e1df69285b7f7f6c6ef0e239ff8706a645787eb352fb70153cdb7435c0ff641d7be20f69b17c5585eff901711d19ccdc771da3115b
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 69550

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8E08
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=A64OEXxRaUdoNW15REpSTXd4WEJoWTJtdHhQMnVZS1g4YzI0NkJua0tUajNTLzN4QXp2VjJuekNBZUtrM2VNRGVvVmQ5ZWtIOWJWTWplMEVGeTRoSStSY1MrME5yZE5NMVJPUGYzd0ZxTURmOGpZcmNOKzBXOThUMDRJMT...

447 B
669 B

201ms
59ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=A64OEXxRaUdoNW15REpSTXd4WEJoWTJtdHhQMnVZS1g4YzI0NkJua0tUajNTLzN4QXp2VjJuekNBZUtrM2VNRGVvVmQ5ZWtIOWJWTWplMEVGeTRoSStSY1MrME5yZE5NMVJPUGYzd0ZxTURmOGpZcmNOKzBXOThUMDRJMTIvaDJVdnpreEJ5T0Ura2pKdzR4RVRWQjdQU3FRb3lBMTRyc1c1Q2llVkZ6SmVvRzNJTk9PdndUTVhOdmNaYyt2Wm9uQlRQUHhBcEpBazJqdUg3ckdQRzBWaStocmlOcnlMaHcyYzRJSkZHQU9ubDdtRlJOYUNvRzZOMzBnY0YyMXZTbTRRWk9iSmtoMXR3Y3pGeFdaYzlucFFpOWxxQkxkWktNTzdDSjY3bWwvekYwYnB0Yz18&cppv=2

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

24a58b3cb468c4ac01a576cf98786e10bac58fa6ec12e67eca16bd0b23632280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1477797
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=A64OEXxRaUdoNW15REpSTXd4WEJoWTJtdHhQMnVZS1g4YzI0NkJua0tUajNTLzN4QXp2VjJuekNBZUtrM2VNRGVvVmQ5ZWtIOWJWTWplMEVGeTRoSStSY1MrME5yZE5NMVJPUGYzd0ZxTURmOGpZcmNOKzBXOThUMDRJMTIvaDJVdnpreEJ5T0Ura2pKdzR4RVRWQjdQU3FRb3lBMTRyc1c1Q2llVkZ6SmVvRzNJTk9PdndUTVhOdmNaYyt2Wm9uQlRQUHhBcEpBazJqdUg3ckdQRzBWaStocmlOcnlMaHcyYzRJSkZHQU9ubDdtRlJOYUNvRzZOMzBnY0YyMXZTbTRRWk9iSmtoMXR3Y3pGeFdaYzlucFFpOWxxQkxkWktNTzdDSjY3bWwvekYwYnB0Yz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 428539
content-length: 0
expires: 0

GET
H2 200 identify_d1af3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 61ms
61ms Script
application/javascript 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_d1af3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 1a1f0f4e
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230418134557EC1AA2550F5EA91789AB
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f3b2aa023f691b51fd012907ff3edf0ab37ebcfcd3318a35ace05ea74d93bb331f6c5280cffdf1e733fe6871018f1bb318f2737de06983bbc06f2939a90ebde37dc253634b8ab22987d4b07019baada1d3db7cce92618cf7b32a1a28544cba42
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30728

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 181ms
180ms Ping
text/plain 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dab621b.1a1f0f5b
date: Fri, 21 Apr 2023 00:09:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 117,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=29, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230421000901C4844BCBDA9B2A7083D2
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.16
x-tt-trace-host: 010bf1c7d313b4c19406b050dbe963a0a811b154a7ed07968161d6f4ff4f540841214ba36660d26f4f9fdcddf7afa7ca167c4d926be907db11ab556d9387692f381db55e012216f88cf35055771a9587e590980ed2c6f8f7af9bc5551ec9556f8f7e66f75314869062a8644702b67467a5
expires: Fri, 21 Apr 2023 00:09:01 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
690 B 192ms
192ms Ping
text/plain 2.16.186.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dab61da.1a1f0f5c
date: Fri, 21 Apr 2023 00:09:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-220.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 124,2.16.186.220
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=37, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230421000901B1A461ADFDD472658209
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.220.104.16
x-tt-trace-host: 010bf1c7d313b4c19406b050dbe963a0a811b154a7ed07968161d6f4ff4f540841214ba36660d26f4f9fdcddf7afa7ca16bb952370fd4290ca51a20fc9cdf8cfeb5adc41cdc523856c7aa60a854753f3598b8f7474c8fd1db8bcfe2419b5cc0732abeb07c9d303d13aa3033b3aa86513e7
expires: Fri, 21 Apr 2023 00:09:01 GMT

GET
H2 200 async-api.6c072bf7-1.230.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 176ms
56ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:01 GMT
x-amz-request-id: QSRFMRZ77Y2Z2DJQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1210
x-amz-id-2: Za0UZSz1OFrnOpVo4T7wP8XYC/Ek7k//OgLPg3bazS9qyUSNVRqEGDOsDZ0x+zDdJnaBkh26hV0=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.959842,VS0,VE0
etag: "a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 271

GET
H2 200 lazy-loader.ff971c03-1.230.0.min.js Show response
js-agent.newrelic.com/ 928 B
898 B 175ms
55ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:01 GMT
x-amz-request-id: QSR7PDPNT55ZZSA2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: P2RtaY9Xsp5Tjg4GGCXhJQaDWB03m3J0s+01c0DOSVCYtRqqK0LsmyZ9qzN3jAuvEXPR4+XW5LI=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.959829,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 275

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 34ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q9WRQ78FTS&gtm=45je34j0&_p=1066966329&cid=192333882.1682035741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682035741&sct=1&seg=0&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&dt=Win%20%245k%20Questions&en=scroll&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1...
https://widget.us.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1...

8 KB
4 KB

450ms
161ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=fNMIKV8yRGN4NW43eEJ0N3ZkSnd6VUZiQjFkTGNzVWRPbDZKQTJTU1UzeTQxazJITFdpMWJLRVBvMzFOMDhMZzhMWVVtQjNPN2ZkWUt2djBicXFiYjJ3SVMxVndybHYlMkZOZmQ5bmdpV2duWlhsUmFETWVER3dnYzZEZXlDNnV2MTQlMkZuTVFUNlZ0SXAlMkJuY200VFMlMkZDN2FKYUxLcG83cEtIZ3RiTEwwOWJPZkNCcUF4MCUzRA&tld=sweepstakesalerts.com&dy=1&fu=https%253A%252F%252Fplay.sweepstakesalerts.com%252Fwin-5000%252Fwin-5k-questions%252F490%253Fpassed%253Dtrue&ceid=ec984cb0-c604-4606-9ec1-2b8edac91206&dtycbr=91154

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06081ebbd41ded4f65a02425e37ac954f90279b1ca48de639c4c0db12cefdf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26836343
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=84770&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvc%26id%3D1682035740521%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=fNMIKV8yRGN4NW43eEJ0N3ZkSnd6VUZiQjFkTGNzVWRPbDZKQTJTU1UzeTQxazJITFdpMWJLRVBvMzFOMDhMZzhMWVVtQjNPN2ZkWUt2djBicXFiYjJ3SVMxVndybHYlMkZOZmQ5bmdpV2duWlhsUmFETWVER3dnYzZEZXlDNnV2MTQlMkZuTVFUNlZ0SXAlMkJuY200VFMlMkZDN2FKYUxLcG83cEtIZ3RiTEwwOWJPZkNCcUF4MCUzRA&tld=sweepstakesalerts.com&dy=1&fu=https%253A%252F%252Fplay.sweepstakesalerts.com%252Fwin-5000%252Fwin-5k-questions%252F490%253Fpassed%253Dtrue&ceid=ec984cb0-c604-4606-9ec1-2b8edac91206&dtycbr=91154
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16367296
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 862.9f44b58b-1.230.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 59ms
59ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR9CK8S37AYF0HW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3583
x-amz-id-2: jAIzgzE4lrqiWmcA9TBwuq/8Ifw5jKLJvkH83VR9iuPW8pCc60oikyt1q59mk6+uVnPOkbf5mYY=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.020495,VS0,VE0
etag: "c4e5d826698f6566f247167a7565c832"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 276

GET
H2 200 page_view_event-aggregate.75812140-1.230.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 58ms
58ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR0YETDTHRC2GKC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3954
x-amz-id-2: PRwaM0U3S7W5V3LKuvBlmpxhGLwrMgNLoNughsWsDVB7xnQ5mDbcgfMipw4wmw8NYqhSZAdFVDI=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.020489,VS0,VE0
etag: "a4978f5fb64e86334a1dbb282220c851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 274

GET
H2 200 page_view_timing-aggregate.9590bdab-1.230.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 56ms
55ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR2GWZ3P2Y9N40V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4624
x-amz-id-2: s8Bm/8ahiQmsvCIUEoqMiVl1bqqUG6W5Zqr2dpQFtF+dUK2oYORzGldnA7196EaSaMIHaCvJRUs=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.020472,VS0,VE0
etag: "2357140ba2b3c410d01d12937c6269d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 275

GET
H2 200 metrics-aggregate.20a08804-1.230.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 63ms
63ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR8FQM9QSDA2FWM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1593
x-amz-id-2: a4tcESHJ9rISGmrB4A8jh2HZTQMkgRY3OLoH9dKaBSOQUsF2R0xNbQymLMvcS5xpE6HcFcUXXG4=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.020631,VS0,VE0
etag: "2b4287467d6e1c411110556d75fe617a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 273

GET
H2 200 jserrors-aggregate.9136a849-1.230.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 64ms
64ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.9136a849-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: v5HVEhCBGcej47AYKf5XScCvsKds85Ry
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSREM6W422JSCPDN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: /upwYA9C9GUO6JyI7HLSAZmxBVXwUo8sHVHjAle6BlJ4awUR72iJyX+Wk7z2VgD9ZKTADpg0x9Q=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.020859,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 175

GET
H2 200 ajax-aggregate.bcd562bf-1.230.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 66ms
65ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.bcd562bf-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RGeelkGAT7YETe4MVmUoI6TYFjMgjsll
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR2ZDD9EKCHGQ0R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: zF1/NIFRjXu6zlVdIgjlobMC9E59swPeOrcvmCIpkkC9Wof9wvu0Q35b5bhNJaPkrkpCBSfqiVs=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.021208,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 177

GET
H2 200 session_trace-aggregate.6e2218bf-1.230.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 67ms
67ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.6e2218bf-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wKHTxgUg_rL30Au_du4y9trU9sbfu0Pz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR58JENY80JM5TF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3156
x-amz-id-2: MtBuN3YJxmW/QciAeMhlxJjBZ+A3LcSQ4rFTN0OhpCuXGg1xu+IYQ2O6Cg1fDa/211Dv1EFHMSQ=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.021520,VS0,VE0
etag: "309bc51447ad3ded6e5673698a4b93ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 174

GET
H2 200 page_action-aggregate.4d79b951-1.230.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 72ms
72ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.4d79b951-1.230.0.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 8oQqhsOKIgpIXbVO2KdHKF_AsgqpQxSV
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Apr 2023 00:09:02 GMT
x-amz-request-id: QSR6TN62Q1T0V5PB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: 6tnduf3dTFWcL55N4EkhACNpAE+1ce/ZhiBKKzGbSP6oZFCoO9++sVr1la1bZdqbS2LM/SyShTI=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682035742.021834,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 178

GET
H/1.1 200
OK cf1f842459 Show response
bam.nr-data.net/1/ 49 B
397 B 734ms
610ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf1f842459?a=78107916&v=1.230.0&to=Y1ZQYkRTW0BRWkRQWFocdENYUUFaX1cfX0JaXVdaRRxDWlVOQwNTXUBCWldLakNRXlU%3D&rst=2198&ck=0&s=3e34d267a91aa00b&ref=https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490&ap=67&be=486&fe=1449&dc=421&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1682035739883,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:9,%22c%22:9,%22s%22:144,%22ce%22:281,%22rq%22:281,%22rp%22:486,%22rpe%22:622,%22dl%22:489,%22di%22:906,%22ds%22:906,%22de%22:906,%22dc%22:1933,%22l%22:1933,%22le%22:1935%7D,%22navigation%22:%7B%7D%7D&fp=658&fcp=658&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230136-FRA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
630 B 72ms
71ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

997c80e3e8d3672573896e4351117d78abc37741a58a6a760053af7678e1fef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 00:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 22:52:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 00:09:02 GMT

GET
H2 200 / Show response
play.sweepstakesalerts.com/session/ 0
439 B 145ms
145ms XHR
text/html 54.82.225.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/session/

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.225.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-225-97.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4AFlZdVQgSTEFYUhEXC0VSFAM8EVURSwtXVhYeA0kJTwFRBlNQAg9SUlYJCwRXU1QGBhtLVR0UBlZWAVMEWwABDgEDC1FXWEMdB1IOF1Nq
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

GET
H2 200 aca6987b-56d0-c81c-ef15-4611498f09a0.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 798ms
718ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/aca6987b-56d0-c81c-ef15-4611498f09a0.js?snippet_version=2
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/events.alpha-intent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee831794c08eb9047d6fc8158a95efa59c3e1d8b95fd83e926c5289861f0afba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
x-amz-version-id: H6re7coWiLep1QkfyPWvUSjxWsuTgGCh
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 01:02:45 GMT
server: cloudflare
x-amz-request-id: PGKQ9CHD2ENCKVKB
etag: W/"a7e2b0dff41a8e10ddda86e3cbab7660"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7bb1655f7c5cd98d-HEL
x-amz-id-2: OHhd/8i/lPukaay08P7ul9JYebLbeXuU6xBc+DnYko61NaPlEyA4XPn6EzDSbm4vjCxx5WL4wlpiWKkxVe2/pXBvJhznQ60RRxLS6W+fXiY=

GET
H2 200 bootstrap.js Show response
cdn.trustedform.com/ 7 KB
3 KB 417ms
285ms Script
application/javascript 2600:9000:223d:e600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=1682035742543.3718
Requested by: Host: plugin.ai.sweepstakesalerts.com
URL: https://plugin.ai.sweepstakesalerts.com/events.alpha-intent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: RoLubHmra-M4GpT2TBUP-qXUHyXaCfVWCDwx4Xv-zdfsc85UwxhnpA==

POST
H2 200 / Show response
engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/ 32 KB
33 KB 192ms
191ms XHR
application/json 3.217.79.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.79.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-79-33.compute-1.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

80c99e4bce16cad454f7f0717da866e1454f2dd8b41d0d7129bb5704646d72ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-request-id: 8e825580660c4d9882ee5564df882020
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
vary: Origin, Cookie
content-type: application/json
access-control-allow-origin: https://play.sweepstakesalerts.com
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 32379
x-request-id: 8e825580660c4d9882ee5564df882020

OPTIONS
H2 200 /
engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/ Frame 0
0 137ms
137ms Preflight
text/html 3.217.79.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.ai.sweepstakesalerts.com/api/1.0/paths/1/54/18/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.79.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-79-33.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://play.sweepstakesalerts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-request-id, sentry-trace
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://play.sweepstakesalerts.com
access-control-expose-headers: X-Request-ID
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 00:09:02 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Origin
x-request-id: 1569efc60a3e4a1299aa1cd7f9bbd40f

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 63ms
62ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:16:40 GMT
x-content-type-options: nosniff
age: 60742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 07:16:40 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame BCF8
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30

43 B
344 B

58ms
57ms

Image
image/gif

18.196.237.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30
Protocol: H2
Server: 18.196.237.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-237-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-7x4N54UxA0-zuiqfUFMQKl7YTJW_lzDq8egCJg&expires=30
date: Fri, 21 Apr 2023 00:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BCF8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_cm&google_hm=ay03MnJveTRVeEEwLXp1aXFmVUZNUUtsN1lUSldPUTNDN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_gid=CAESEArcX8aE3N-7mLpnuEfa22U&google_cver=1&google_ula=913071,0

43 B
369 B

59ms
58ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_gid=CAESEArcX8aE3N-7mLpnuEfa22U&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 920508
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-72roy4UxA0-zuiqfUFMQKl7YTJWOQ3C5QqRdIg&google_gid=CAESEArcX8aE3N-7mLpnuEfa22U&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BCF8
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4853351913472758427

43 B
369 B

58ms
58ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4853351913472758427

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 904016
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 00:09:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.204.1.182; 185.204.1.182; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: df912899-4a5f-48ab-a188-ca25f835255c
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4853351913472758427
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame BCF8
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ

43 B
1 KB

55ms
55ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 00:09:02 GMT
AN-X-Request-Uuid: ff7b208f-e6b2-432f-9062-f586785a5e0e
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.204.1.182; 185.204.1.182; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 00:09:02 GMT
AN-X-Request-Uuid: fccdeecd-c308-47b4-827c-41ba4b1ec3a9
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-2eqKMYUxA0-zuiqfUFMQKl7YTJWcCCIAC8XKQQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.204.1.182; 185.204.1.182; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame BCF8 61 B
802 B 203ms
78ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-fZLPLoUxA0-zuiqfUFMQKl7YTJXVrZ0nwvysNQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 00:09:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Fri, 21 Apr 2023 00:09:02 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BCF8 0
239 B 270ms
60ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-oo9I1oUxA0-zuiqfUFMQKl7YTJWe001x-Wa7Uw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame BCF8 0
357 B 186ms
57ms Image
text/plain 52.59.23.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Y4FFEoUxA0-zuiqfUFMQKl7YTJVb0Awbly0dLg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.23.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-23-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame BCF8 43 B
114 B 226ms
65ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Xi4SqIUxA0-zuiqfUFMQKl7YTJWsD_ELSJfPuQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BCF8 0
99 B 205ms
58ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-hFe7qYUxA0-zuiqfUFMQKl7YTJVspBbIc8vk-g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 56077

GET
H2 200 um
criteo-sync.teads.tv/ Frame BCF8 23 B
172 B 284ms
93ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-TOLXgYUxA0-zuiqfUFMQKl7YTJWsRG4p0AVMVA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 00:09:03 GMT
pragma: no-cache
date: Fri, 21 Apr 2023 00:09:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame BCF8 37 B
140 B 147ms
54ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-DpoI24UxA0-zuiqfUFMQKl7YTJWVd3GU6C3Qgg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame BCF8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q&verify=true

0
121 B

59ms
59ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-V9qknIUxA0-zuiqfUFMQKl7YTJUOIQYo7cVr0Q&verify=true
date: Fri, 21 Apr 2023 00:09:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame BCF8 43 B
163 B 144ms
45ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-zB-gAoUxA0-zuiqfUFMQKl7YTJW3FSqVtpLyxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame BCF8 49 B
235 B 202ms
65ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-447hlIUxA0-zuiqfUFMQKl7YTJUx_w6HKlMGVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame BCF8
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw&C=1

43 B
766 B

56ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 00:09:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 00:09:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-9E2JCYUxA0-zuiqfUFMQKl7YTJVDDzl9ferEPw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BCF8
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl

42 B
942 B

76ms
76ms

Image
image/gif

46.51.167.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl

Protocol

HTTP/1.1

Server

46.51.167.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-167-113.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v047-0cfae71a5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iFgKcUjKS6k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v047-07254b181.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: NbMcRKaFQ0A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lG5yARmbgCoIWlNNWYJ1E13qNEwf06fl
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame BCF8 43 B
1 KB 203ms
64ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-w3fBFYUxA0-zuiqfUFMQKl7YTJU3te9A7xZ-Iw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 21 Apr 2023 00:09:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BCF8
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA

43 B
448 B

74ms
74ms

Image
image/gif

34.247.72.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA
Protocol: H2
Server: 34.247.72.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-72-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Qy8QVIUxA0-zuiqfUFMQKl7YTJX55uY0soHdEA
access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame BCF8 42 B
274 B 148ms
66ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-hXKpDYUxA0-zuiqfUFMQKl7YTJW4do-iri4qVg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:02 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame BCF8 0
885 B 176ms
56ms Image
text/html 18.159.93.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-U7txs4UxA0-zuiqfUFMQKl7YTJWE1BY46qSVWA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.93.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-93-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BCF8 0
145 B 540ms
130ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-TRXh4oUxA0-zuiqfUFMQKl7YTJU_ggsXxBKFLQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 00:09:03 GMT
Cache-Control: no-cache
X-TraceId: 91ffa4d1e058c93fe9eff8e2b440342f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BCF8 42 B
582 B 221ms
65ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-vqiT6IUxA0-zuiqfUFMQKl7YTJWbyBwbTvepqA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Apr 2023 00:09:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BCF8 43 B
400 B 450ms
146ms Image
image/gif 2600:1f18:612b:4216:cb74:941d:17a3:a3a6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k--p6PYYUxA0-zuiqfUFMQKl7YTJUc2LKpMRFxSg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:cb74:941d:17a3:a3a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 21 Apr 2023 00:09:03 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame BCF8 0
235 B 196ms
72ms Image
text/plain 23.45.237.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-rsV30oUxA0-zuiqfUFMQKl7YTJUiWmS5bqRiIQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.237.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-237-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 00:09:03 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 20 Apr 2023 00:09:03 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame BCF8 0
38 B 271ms
75ms Image
text/plain 54.72.159.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Jld5O4UxA0-zuiqfUFMQKl7YTJXJP02efr1z3w&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.159.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-159-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
253 B 95ms
57ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=1555&scd=0&ssd=1&est=1682035741372&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1682035742928&vi=1682035741367&ri=4aa42784dc4eb1b0bc1feef9e561140c&ref=null&cv=20230416-8-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Fri, 21 Apr 2023 00:09:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 201 certs Show response
api.trustedform.com/ Frame B30A 475 B
686 B 416ms
137ms XHR
application/json 44.195.7.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=1682035742543.3718
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.7.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-7-210.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ff176d3281a42c7715c116293175c5102c8582b605f3d471c419f7ac4b217343

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BCF8
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=jxGZvrsrDWceHV5z6EG466Rgdvg6QuL-

0
337 B

231ms
72ms

Image
text/plain

54.229.94.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=jxGZvrsrDWceHV5z6EG466Rgdvg6QuL-
Protocol: H2
Server: 54.229.94.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-94-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Fri, 21 Apr 2023 00:09:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1682035743
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=jxGZvrsrDWceHV5z6EG466Rgdvg6QuL-
date: Fri, 21 Apr 2023 00:09:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 691396
content-length: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
660 B 479ms
202ms XHR
text/plain 35.153.6.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=0f3aa691-2d8c-4dfe-9063-f1a71b0c2d54&_=252030302

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.6.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-6-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

eb01bb0877f67bae7f14f2940b3a8580e383eaf21d9e3f96cf7f331b46ae8b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame BCF8
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EvSI91wxhrPf7ng6DcyOoYp8AKbeWdPk

35 B
269 B

455ms
149ms

Image
image/gif

3.141.139.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EvSI91wxhrPf7ng6DcyOoYp8AKbeWdPk
Protocol: H2
Server: 3.141.139.120 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-139-120.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:03 GMT
x-bt-requestid: b999ae60-dfd8-11ed-965d-0000ac170313
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EvSI91wxhrPf7ng6DcyOoYp8AKbeWdPk
date: Fri, 21 Apr 2023 00:09:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 692754
content-length: 0

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 77ms
76ms Script
application/javascript 2600:9000:223d:e600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=1682035742543.3718
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Fri, 21 Apr 2023 00:09:03 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 3
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yBqMc_t6YX5iIM2nKD5rjoxhCZe-80Ssg7swqcOqSTC-XZRQTkLOYQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/ Frame 03D4 0
159 B 678ms
273ms XHR
text/plain 44.195.7.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.7.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-7-210.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:04 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 snapshot Show response
api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/ Frame 03D4 0
159 B 544ms
274ms XHR
text/plain 44.195.7.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.7.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-7-210.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:04 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 logo-sweepstakesalerts-white.svg
cdn.play.sweepstakesalerts.com/static/img/ 29 KB
12 KB 57ms
57ms Image
image/svg+xml 18.66.147.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/logo-sweepstakesalerts-white.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 03:00:59 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 162485
etag: "e4a2eb296ca372f408d8900e1adafe1e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11443
x-amz-cf-id: c9wN9FAMr6E1csa8X8Ate5VRYs41i1nAS3v1_rFKIhWSlQXCuaNL7g==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/ Frame 03D4 0
159 B 527ms
407ms XHR
text/plain 44.195.7.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.7.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-7-210.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:04 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 204 0
bat.bing.com/action/ 0
119 B 87ms
87ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Apr 2023 00:09:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 426A6439F3034054BCAD0076723D0DFF Ref B: FRAEDGE1721 Ref C: 2023-04-21T00:09:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame F37C 3 KB
2 KB 192ms
56ms Document
text/html 13.32.23.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/aca6987b-56d0-c81c-ef15-4611498f09a0.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-67.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Age: 11788
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 20 Apr 2023 20:52:36 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6NkNVu9CqvAHw6Lg6FQjfQDuSjzv6jjYjrSb5NJc-cgw3EIpXFcbzw==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
623 B 135ms
135ms XHR
text/plain 35.153.6.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=0f3aa691-2d8c-4dfe-9063-f1a71b0c2d54&token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&_=252030303

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.6.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-6-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 221809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:14 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 137ms
137ms XHR
text/plain 35.153.6.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=0f3aa691-2d8c-4dfe-9063-f1a71b0c2d54&token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&_=252030304

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.6.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-6-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 00:09:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 486D 4 KB
2 KB 443ms
134ms Document
text/html 3.220.50.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.50.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-50-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 21 Apr 2023 00:09:04 GMT
etag: W/"6425e809-1049"
expires: Sat, 22 Apr 2023 00:09:04 GMT
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 400ms
269ms XHR
text/plain 35.153.6.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=0f3aa691-2d8c-4dfe-9063-f1a71b0c2d54&token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&_=252030305

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.6.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-6-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Apr 2023 00:09:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 486D 0
627 B 409ms
140ms Script
text/javascript 35.153.6.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=D807E300-CF86-C252-F33B-644726D9F3F6&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&methods=48&token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&uuid=a83b830595e24731b9385519baa67f15

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=EB25CC6C-01E2-9971-2157-BCA8B4C4EB52&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=ACA6987B-56D0-C81C-EF15-4611498F09A0&lac=D807E300-CF86-C252-F33B-644726D9F3F6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.6.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-6-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:09:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/ Frame 03D4 0
159 B 137ms
137ms XHR
text/plain 44.195.7.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7e9f390982824563ea27b4f6e803f48169dfda4e/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.7.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-7-210.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 00:09:04 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
253 B 58ms
57ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1682035741372&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1682035745931&vi=1682035741367&ri=4aa42784dc4eb1b0bc1feef9e561140c&ref=null&cv=20230416-8-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Fri, 21 Apr 2023 00:09:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q9WRQ78FTS&gtm=45je34j0&_p=1066966329&cid=192333882.1682035741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1682035741&sct=1&seg=0&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwin-5000%2Fwin-5k-questions%2F490%3Fpassed%3Dtrue&dt=Win%20%245k%20Questions&en=GA4%20-%20Funnel%20Progress&ep.node_id=490&_et=743
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 00:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
play.sweepstakesalerts.com/	1970-01-20 11:34:05	Name: sessionid Value: 241l0l9ceiylftqnlv2foe2wdm358umi
.sweepstakesalerts.com/	1970-01-20 13:23:31	Name: _gcl_au Value: 1.1.1685992995.1682035741
.sweepstakesalerts.com/	1970-01-20 20:49:55	Name: _ga Value: GA1.2.192333882.1682035741
.sweepstakesalerts.com/	1970-01-20 11:15:22	Name: _gid Value: GA1.2.1252704147.1682035741
.sweepstakesalerts.com/	1970-01-20 11:13:55	Name: _gat_UA-46324972-3 Value: 1
.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sweepstakesalerts.com
.sweepstakesalerts.com/	1970-01-20 20:49:55	Name: _lc2_fpi Value: b5db4fe28af0--01gygj94kebv0tjzx7ktfb77am
.sweepstakesalerts.com/	1970-01-20 11:15:22	Name: _uetsid Value: b81ca320dfd811eda68dd714689b47d8
.sweepstakesalerts.com/	1970-01-20 20:35:31	Name: _uetvid Value: b81ce7a0dfd811ed9d9e352dfac79613
.sweepstakesalerts.com/	1970-01-20 20:49:55	Name: __nbpix_uid Value: 1-1ypplqc3-lgpsngeo
.bing.com/	1970-01-20 20:35:31	Name: MUID Value: 29B43849883D60983C5A2AB3893D61B4
.tiktok.com/	1970-01-20 20:35:31	Name: _ttp Value: 2OiFxVhkECntqQt7vgymiPcZzYS
.criteo.com/	1970-01-20 20:35:31	Name: uid Value: bc19c947-f0ae-4609-852b-9bb81e72e96e
.quantserve.com/	1970-01-20 20:44:10	Name: mc Value: 6441d41d-7b4d7-8a3f9-60c7b
.sweepstakesalerts.com/	1970-01-20 20:38:24	Name: __qca Value: P0-1998019231-1682035741256
.sweepstakesalerts.com/	1970-01-20 20:35:31	Name: _tt_enable_cookie Value: 1
.sweepstakesalerts.com/	1970-01-20 20:35:31	Name: _ttp Value: z0hTtORS_xioOxq8g_lyfH4QNgg
.liadm.com/	1970-01-20 20:49:55	Name: lidid Value: f4b69b36-c5f7-402f-8e81-76ad3245389f
.sweepstakesalerts.com/	1970-01-20 20:49:55	Name: _ga_Q9WRQ78FTS Value: GS1.1.1682035741.1.0.1682035741.60.0.0
.sweepstakesalerts.com/	1970-01-20 20:43:19	Name: cto_bundle Value: fNMIKV8yRGN4NW43eEJ0N3ZkSnd6VUZiQjFkTGNzVWRPbDZKQTJTU1UzeTQxazJITFdpMWJLRVBvMzFOMDhMZzhMWVVtQjNPN2ZkWUt2djBicXFiYjJ3SVMxVndybHYlMkZOZmQ5bmdpV2duWlhsUmFETWVER3dnYzZEZXlDNnV2MTQlMkZuTVFUNlZ0SXAlMkJuY200VFMlMkZDN2FKYUxLcG83cEtIZ3RiTEwwOWJPZkNCcUF4MCUzRA
engine.ai.sweepstakesalerts.com/	1970-01-20 11:13:56	Name: alpha_id:54 Value: 45e258e2-c758-4b10-ab4f-0b845bb13d43
engine.ai.sweepstakesalerts.com/	1970-01-20 11:34:05	Name: sessionid Value: xzj4xbygzn5seecj3qaifnbdcekw1bkc
play.sweepstakesalerts.com/	1970-01-20 11:13:57	Name: alphaId Value: 45e258e2-c758-4b10-ab4f-0b845bb13d43
.adnxs.com/	1970-01-20 13:23:31	Name: uuid2 Value: 4853351913472758427
match.sharethrough.com/	1970-01-20 11:24:00	Name: AWSALBCORS Value: 1nvPWDgXVyQftmzCR0ASphucbGU7IbzTeT1xuOKE41FZdNNa3n3HLijrjPsx6RM8B2BpetAnWrFsVeIfOIiXTIccnWEwp2/b14y3HKi7VrBDAffl80+rSAxCL73e
.media.net/	1970-01-20 19:59:31	Name: visitor-id Value: 3250373425474252000V10
.media.net/	1970-01-20 11:57:07	Name: data-c-ts Value: 1682035742
.media.net/	1970-01-20 11:57:07	Name: data-c Value: k-fZLPLoUxA0-zuiqfUFMQKl7YTJXVrZ0nwvysNQ~~3
.bidswitch.net/	1970-01-20 19:59:31	Name: tuuid Value: 8d5477e7-eaf6-46d0-bb68-33c6918657ae
.bidswitch.net/	1970-01-20 19:59:31	Name: c Value: 1682035742
.bidswitch.net/	1970-01-20 19:59:31	Name: tuuid_lu Value: 1682035742
.doubleclick.net/	1970-01-20 20:49:55	Name: IDE Value: AHWqTUnCflvN5_IDkXcDIT_V5f6Xle51hzds_x_yZ_T3YKJbsbfiwwOydVHd-HLT4Zk
.adnxs.com/	1970-01-20 13:23:31	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVN9NnDw!@wnfH1YdP.dEXlSkeHeB6TBr+0_!7XRgIgAiXznow@RXDnhRM)v]i^r06dQ(eJeM0stV1vb`u+P(hw9P-HC_#tw:f+5aGt
engine.ai.sweepstakesalerts.com/	1970-01-20 11:24:00	Name: AWSALBTG Value: qKMrb0pf7m7bolYAu1UuYs74xeJybwtrqBLOPkU8dB67mR52eYaQuJy+eCrFy0FYoR/HP0rvRZDHaYTIx7oE48voE0vhHdRVCeMOK7w8kQ/UVSfQxRl9/nVwtYwlqG3yNwTr2UOr9dEld0kmvizNXtlc4YWiIQPC1U9mgOfCSriybHLn18o=
engine.ai.sweepstakesalerts.com/	1970-01-20 11:24:00	Name: AWSALBTGCORS Value: qKMrb0pf7m7bolYAu1UuYs74xeJybwtrqBLOPkU8dB67mR52eYaQuJy+eCrFy0FYoR/HP0rvRZDHaYTIx7oE48voE0vhHdRVCeMOK7w8kQ/UVSfQxRl9/nVwtYwlqG3yNwTr2UOr9dEld0kmvizNXtlc4YWiIQPC1U9mgOfCSriybHLn18o=
engine.ai.sweepstakesalerts.com/	1970-01-20 11:24:00	Name: AWSALB Value: A+CkaUHYnBYQR7B5UCtyZddr4fCuoK1UwMgqiwJbyDeNyKxCylwhP7dTIWQfms0jM/rUktsYuPm/3zAxltuW6XUYunx1Lao1ewblSWAqlzAQgFpsIYJJgZGSih0g
engine.ai.sweepstakesalerts.com/	1970-01-20 11:24:00	Name: AWSALBCORS Value: A+CkaUHYnBYQR7B5UCtyZddr4fCuoK1UwMgqiwJbyDeNyKxCylwhP7dTIWQfms0jM/rUktsYuPm/3zAxltuW6XUYunx1Lao1ewblSWAqlzAQgFpsIYJJgZGSih0g
.demdex.net/	1970-01-20 15:33:07	Name: demdex Value: 81340123292584689501033677077074588338
.dpm.demdex.net/	1970-01-20 15:33:07	Name: dpm Value: 81340123292584689501033677077074588338
.yahoo.com/	1970-01-20 19:59:53	Name: A3 Value: d=AQABBB_UQWQCEGhgQG6OGfDMPa8oCQkDgx4FEgEBAQElQ2RLZAAAAAAA_eMAAA&S=AQAAAi-DoN88nUlOhg2TQvmeSvw
.casalemedia.com/	1970-01-20 19:59:31	Name: CMID Value: ZEHUH2Ewm4lW-U9hpc7z-AAA
.casalemedia.com/	1970-01-20 13:23:31	Name: CMPS Value: 3207
.casalemedia.com/	1970-01-20 13:23:31	Name: CMPRO Value: 3207
.analytics.yahoo.com/	1970-01-20 19:59:31	Name: IDSYNC Value: 18zh~2b7c
.id5-sync.com/	1970-01-20 11:13:56	Name: cf Value:
.id5-sync.com/	1970-01-20 11:13:56	Name: cip Value:
.id5-sync.com/	1970-01-20 11:13:56	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:13:56	Name: car Value:
.id5-sync.com/	1970-01-20 11:13:56	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:13:56	Name: callback Value:
exchange.mediavine.com/	1970-01-20 11:34:05	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b9382d70-dfd8-11ed-bf43-27bb1fef560a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:05	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b9382d70-dfd8-11ed-bf43-27bb1fef560a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:05	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b9382d70-dfd8-11ed-bf43-27bb1fef560a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:05	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b9382d70-dfd8-11ed-bf43-27bb1fef560a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:05	Name: criteo Value: %7B%22id%22%3A%22k-U7txs4UxA0-zuiqfUFMQKl7YTJWE1BY46qSVWA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 13:23:31	Name: tuuid Value: 94769ab6-a1d0-41d2-86e9-d60c0e126477
.360yield.com/	1970-01-20 13:23:31	Name: tuuid_lu Value: 1682035743
.360yield.com/	1970-01-20 13:23:31	Name: um Value: !38,r2VZxRgGhsME7C5WcKGAedbb6KnHbQVaehIK4y6JLNXZajbqPaQin.Kdj1DBN4wycBLryISv,1689811743
.360yield.com/	1970-01-20 13:23:31	Name: umeh Value: !38,0,1744243743,-1
.pubmatic.com/	1970-01-20 11:57:07	Name: KRTBCOOKIE_97 Value: 3385-uid:k-vqiT6IUxA0-zuiqfUFMQKl7YTJWbyBwbTvepqA&KRTB&23144-uid:k-vqiT6IUxA0-zuiqfUFMQKl7YTJWbyBwbTvepqA&KRTB&23286-uid:k-vqiT6IUxA0-zuiqfUFMQKl7YTJWbyBwbTvepqA&KRTB&23287-uid:k-vqiT6IUxA0-zuiqfUFMQKl7YTJWbyBwbTvepqA
.pubmatic.com/	1970-01-20 11:57:07	Name: PugT Value: 1682035743
.krxd.net/	1970-01-20 15:33:07	Name: _kuid_ Value: Pgfh0hG8
.tremorhub.com/	1970-01-20 19:59:52	Name: tvid Value: 6fb930fdf9414341ac782699322b2ab7
.tremorhub.com/	1970-01-20 11:57:07	Name: tv_UICR Value: k--p6PYYUxA0-zuiqfUFMQKl7YTJUc2LKpMRFxSg
play.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: leadid_token-D807E300-CF86-C252-F33B-644726D9F3F6-ACA6987B-56D0-C81C-EF15-4611498F09A0 Value: EB25CC6C-01E2-9971-2157-BCA8B4C4EB52
.deviceid.trueleadid.com/	1970-01-20 20:49:55	Name: uuid Value: a83b830595e24731b9385519baa67f15

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://play.sweepstakesalerts.com/win-5000/win-5k-questions/490?passed=true(Line 343) Message: <link rel=preload> must have a valid `as` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
analytics.tiktok.com
api.trustedform.com
b-code.liadm.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
business.newsbreak.com
cdn.play.sweepstakesalerts.com
cdn.taboola.com
cdn.trustedform.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
create.leadid.com
create.lidstatic.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
engine.ai.sweepstakesalerts.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js-agent.newrelic.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.quantserve.com
pixel.rubiconproject.com
play.sweepstakesalerts.com
plugin.ai.sweepstakesalerts.com
r.casalemedia.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.thebrighttag.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sslwidget.criteo.com
static.newsbreak.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.fi
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.217.42
13.248.245.213
13.32.23.67
13.32.99.21
141.226.228.48
142.250.185.226
142.250.186.130
151.101.1.44
151.101.66.137
162.19.138.82
162.247.243.29
178.250.1.11
178.250.1.9
18.159.93.177
18.196.237.241
18.66.122.104
18.66.147.89
185.255.84.153
185.64.190.80
185.80.39.216
185.86.139.94
2.16.186.224
2.18.235.93
2001:4860:4802:32::36
23.45.237.121
2600:1f18:612b:4216:cb74:941d:17a3:a3a6
2600:1f18:730:b110:3460:230f:215a:ce35
2600:9000:223c:1000:8:8845:1500:93a1
2600:9000:223c:200:6:44e3:f8c0:93a1
2600:9000:223d:e600:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:3::e
3.141.139.120
3.217.79.33
3.220.50.246
3.71.149.231
34.117.157.22
34.247.72.187
35.153.6.197
37.157.6.233
37.252.171.84
37.252.173.215
44.194.121.192
44.195.7.210
46.51.167.113
52.59.23.97
54.201.177.101
54.229.94.229
54.72.159.51
54.82.225.97
64.202.112.159
69.173.144.139
74.119.119.150
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
02e74f08ea4b15f968aeb12150c49f32c252b18b9a52f58b3f41e6ccee23fc93
03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
06081ebbd41ded4f65a02425e37ac954f90279b1ca48de639c4c0db12cefdf27
145c31af1cf0daccafd54a195fd19d5ad9a9a3d828045d602644fb8dc5aa6b51
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
1bafeecbda4804fb203b5a59c3486217afc6b6a1016df542af1bee4830b24807
244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b
24a58b3cb468c4ac01a576cf98786e10bac58fa6ec12e67eca16bd0b23632280
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b
3b04253f300447bb6dba2eccb97625123442d30d5f11933955accbfc1b9b46c9
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7
41a715a09c8b0a330db8b978e6d399bf7a500090fbc853ce78cd70212118cb26
41c212effec4cc2acf8ced3b71642e4f55460bee887bb7d6601ca1510236a3d0
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a55b04b275039ff9f15108546c5a971ac008c9e69c45acede48f1d8b80fea48
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
63ff421577be3b20599ab40709f0955c4be201a18304d3b1af4e7b816d2aaae4
6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
80c99e4bce16cad454f7f0717da866e1454f2dd8b41d0d7129bb5704646d72ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8affedcc1c7a0cd6607c04d0d89a719d89eca6ed55795b78aa49f4fdc036f359
8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888
997c80e3e8d3672573896e4351117d78abc37741a58a6a760053af7678e1fef1
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5c94a4cb252d381bb6f87eb00616fbb91b12059889436867031584a88364627
a830974a9e1b328960ed95bc03e3970e99f8d1902a8c86e18d6c5fefcd9e91cd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd519e47eee3028faac088704d2b5e2d5f7c66a90aedd53edc260869c07b892
bdeee3c026e414a8aa3a238e6e96879ddc5370074442c49d9076fea60c7f725c
c5b9d2bad54a08e3f39be1a4689731a77928c974c9295b8e270469ed93925cf9
c6d890d34a1a089c113970a948a1fb81bf597dba45cf5280fe1fd1e0281f0202
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce6ac8efcf2caa6e8fa7fcc25ec43f540581ef6193a333ad0a2dfd56f4e21294
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db284d18b3f823c159cd9358d83bfc452d1accefe26e2392f224c0183123ee9d
df56f740d4cddadaaee90c2b03a8c20a31f57bc2ee5db684813eab504a227d41
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62dcd1e435949453d67f1ae4e48e5bc3e1f58c53923be1ea33a29a3734939e9
eb01bb0877f67bae7f14f2940b3a8580e383eaf21d9e3f96cf7f331b46ae8b2a
ee831794c08eb9047d6fc8158a95efa59c3e1d8b95fd83e926c5289861f0afba
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f194c666906f15617900275f0ca12c391a7190a17e339f2b67b1064d1f14664c
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f60834e4c629ff948656934f04b8f97e61596e1c9016a22fc4eca02db7d1410c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff176d3281a42c7715c116293175c5102c8582b605f3d471c419f7ac4b217343
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

play.sweepstakesalerts.com Open in urlscan Pro 54.82.225.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

87 %HTTPS

30 %IPv6

48 Domains

68 Subdomains

61 IPs

9 Countries

1273 kBTransfer

4635 kBSize

66 Cookies

0 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

play.sweepstakesalerts.com Open in urlscan Pro
54.82.225.97 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

87 %
HTTPS

30 %
IPv6

48
Domains

68
Subdomains

61
IPs

9
Countries

1273 kB
Transfer

4635 kB
Size

66
Cookies

122 HTTP transactions
1 data transactions