sweepstakes.workmoney.org Open in urlscan Pro
2606:4700:10::6816:15a3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sweepstakes.workmoney.org/
Submission: On September 14 via automatic, source certstream-suspicious (September 14th 2022, 11:36:45 am UTC) — Scanned from DE

Summary HTTP 74 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 28 domains to perform 74 HTTP transactions. The main IP is 2606:4700:10::6816:15a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sweepstakes.workmoney.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2022. Valid for: a year.

This is the only time sweepstakes.workmoney.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:10:... 2606:4700:10::6816:15a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	184.51.9.223 184.51.9.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.77.245 13.225.77.245	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	35.166.237.228 35.166.237.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	52.30.157.40 52.30.157.40	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.35.132.238 52.35.132.238	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
74	36

14 2606:4700:10::6816:15a3 (United States)

ASN13335 (CLOUDFLARENET, US)

sweepstakes.workmoney.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.223 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-223.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-245.fra2.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.237.228 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-237-228.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.157.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-157-40.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.132.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-132-238.us-west-2.compute.amazonaws.com

flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	workmoney.org sweepstakes.workmoney.org	98 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	2 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247 in.hotjar.com — Cisco Umbrella Rank: 2418	71 KB
5	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3734 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4595	39 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1011	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 894 www.linkedin.com — Cisco Umbrella Rank: 847 px4.ads.linkedin.com — Cisco Umbrella Rank: 6869	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	20 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1042 trc.taboola.com — Cisco Umbrella Rank: 918 trc-events.taboola.com — Cisco Umbrella Rank: 1865	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 664	12 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3293 tr.outbrain.com — Cisco Umbrella Rank: 2932	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	131 KB
3	gstatic.com fonts.gstatic.com	24 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 8597 flask.nextdoor.com — Cisco Umbrella Rank: 8143	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	176 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188	449 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 870	354 B
1	t.co t.co — Cisco Umbrella Rank: 600	338 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 2098	157 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 996	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1614	3 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1994	8 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 994	8 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 28377	247 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1010 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1811	41 KB
74	28

	Domain	Requested by
14	sweepstakes.workmoney.org	sweepstakes.workmoney.org
7	www.facebook.com	sweepstakes.workmoney.org
4	tr.snapchat.com	sc-static.net sweepstakes.workmoney.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com sweepstakes.workmoney.org
3	connect.facebook.net	sweepstakes.workmoney.org connect.facebook.net
3	static.klaviyo.com	sweepstakes.workmoney.org static.klaviyo.com
3	fonts.gstatic.com	fonts.googleapis.com
2	trc-events.taboola.com	cdn.taboola.com
2	px.ads.linkedin.com	2 redirects
2	tr.outbrain.com	amplify.outbrain.com sweepstakes.workmoney.org
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	sweepstakes.workmoney.org www.googletagmanager.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	www.googletagmanager.com	sweepstakes.workmoney.org www.googleoptimize.com
1	flask.nextdoor.com	sweepstakes.workmoney.org
1	in.hotjar.com	script.hotjar.com
1	www.google.de	sweepstakes.workmoney.org
1	www.google.com	sweepstakes.workmoney.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	sweepstakes.workmoney.org
1	t.co	sweepstakes.workmoney.org
1	trc.taboola.com	cdn.taboola.com
1	vars.hotjar.com	static.hotjar.com
1	alb.reddit.com	sweepstakes.workmoney.org
1	px4.ads.linkedin.com	sweepstakes.workmoney.org
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	ads.nextdoor.com	sweepstakes.workmoney.org
1	static.ads-twitter.com	sweepstakes.workmoney.org
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	geolocation-db.com	sweepstakes.workmoney.org
1	code.jquery.com	sweepstakes.workmoney.org
1	fonts.googleapis.com	sweepstakes.workmoney.org
1	www.googleoptimize.com	sweepstakes.workmoney.org
74	39

This site contains links to these domains. Also see Links.

Domain
workmoney.org
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
static.klaviyo.com R3	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
static-tracking.klaviyo.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
geolocation-db.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
nextdoor.com Amazon	`2022-05-05` - `2023-06-02`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://sweepstakes.workmoney.org/
Frame ID: F3C462C611F25C10E35029CB0DA8EEF2
Requests: 72 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: B60921C20E44CFC3D1D093316D7C35EF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d&u_scsid=ae577967-fe48-43de-b04c-5a45c5a61906&u_sclid=b3f4b071-2870-44a1-9632-a64ec6a752bd
Frame ID: DBE751FAF1E40DE4ABA17EEB7600EAC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome To WorkMoney

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

99 %
HTTPS

46 %
IPv6

28
Domains

39
Subdomains

36
IPs

6
Countries

712 kB
Transfer

2191 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://workmoney.org/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://workmoney.org/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WorkMoney.org

Search URL Search Domain Scan URL

URL: https://www.instagram.com/workmoneyorg/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4083108%26time%3D1663155400448%26url%3Dhttps%253A%252F%252Fsweepstakes.workmoney.org%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true&e_ipv6=AQJWaYYGeEfoDwAAAYM7yXE9f5RdZJu3D7QCIwgaleUUdoHz5fCrVxijutCrM-jnYhlEkoNnTg

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sweepstakes.workmoney.org/ 3 KB
1 KB 405ms
336ms Document
text/html 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c18b00eebc1306b39fe0c4237a181b4a25b2c299b91998d0a0242a54c08244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74a8d37ddb32cc5a-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 11:36:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCXWJTTBH3M5KWNSCVDQE9KH

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 85ms
30ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-K7D6LJW

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66f063840f8a464b0bc16660275343b71f2d7d2ab71f4a4a63221a39dced71a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41491
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 11:36:39 GMT

GET
H2 200 24ff5bc498d9fe9b.css
sweepstakes.workmoney.org/_next/static/css/ 10 KB
3 KB 164ms
164ms Stylesheet
text/css 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/css/24ff5bc498d9fe9b.css
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa7895de43481966bf35f0c0c815e258708af1ab8a783f2620bf8182d55a360a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV09BMV36T0DNFP00ZTV
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "4f5c0ba5f73c5af96db9d7c955160d94-ssl"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 74a8d37ffddfcc5a-ZRH
content-length: 2772

GET
H2 200 webpack-5752944655d749a0.js Show response
sweepstakes.workmoney.org/_next/static/chunks/ 2 KB
956 B 211ms
209ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/webpack-5752944655d749a0.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1NJMK4SAC66JZCESRE
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "c8a18606880ade0d26472d94c364726d-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 74a8d3801e02cc5a-ZRH
content-length: 840

GET
H2 200 framework-5f4595e5518b5600.js Show response
sweepstakes.workmoney.org/_next/static/chunks/ 127 KB
41 KB 197ms
195ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/framework-5f4595e5518b5600.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1HKYFHFSXWKX4PW5FN
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "af3f2059afa1698882c96400fe2e154e-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 74a8d3801e04cc5a-ZRH

GET
H2 200 main-202733b50b7a281d.js Show response
sweepstakes.workmoney.org/_next/static/chunks/ 104 KB
30 KB 185ms
183ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bcb7508c99bac0a77bb54596cde75c37dfd8f8981ae9d8171453bfce706429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1HRDWGQZ2F95A4JV76
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "abe75db43dd8d6cfaaf28d07e3c673b1-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 74a8d3801e05cc5a-ZRH
content-length: 31050

GET
H2 200 _app-2d4f2706911df42a.js Show response
sweepstakes.workmoney.org/_next/static/chunks/pages/ 6 KB
3 KB 347ms
346ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/pages/_app-2d4f2706911df42a.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e61695a5a74345d5e7f4ce0e7628dff1c1171727ddc2df94d80405d6b4c025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV5X4Q8TDZH6QNW3FHS1
date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "37ad959de8568c95d57f9b3f63884d6a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 74a8d3801e08cc5a-ZRH

GET
H2 200 988-0fa2255148903607.js Show response
sweepstakes.workmoney.org/_next/static/chunks/ 10 KB
4 KB 183ms
182ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/988-0fa2255148903607.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e43065012ad92dc8246a374fa6154615ca4262697a3992f973b3be3fed771f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1WKSFPZ0NVEAP1ZD5G
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "d07af9195e2dac6d51a498df2b6861f9-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 74a8d3801e0acc5a-ZRH

GET
H2 200 index-145aa40df574db7f.js Show response
sweepstakes.workmoney.org/_next/static/chunks/pages/ 2 KB
792 B 177ms
176ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/chunks/pages/index-145aa40df574db7f.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0587171ca0780870553dde88e8ec04fc7e7b25bb2c9c27163912f3e36a1f99aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1Q4GJMV1DAAWF7T83X
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "09dec14bc8b754090436b0e5d02299ef-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 74a8d3801e11cc5a-ZRH
content-length: 650

GET
H2 200 _buildManifest.js Show response
sweepstakes.workmoney.org/_next/static/OCUod2JJW-DmcPth12_4g/ 491 B
416 B 189ms
188ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/OCUod2JJW-DmcPth12_4g/_buildManifest.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 177e4f43ed55f720bcf20161480ce6f75e0fdde10c501d15e47d8a9969bb2efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV258AZNKY8HYFW3C9S8
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"bb09d73c0a8fd72617074611ff3fc85f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 74a8d3801e13cc5a-ZRH

GET
H2 200 _ssgManifest.js Show response
sweepstakes.workmoney.org/_next/static/OCUod2JJW-DmcPth12_4g/ 94 B
188 B 256ms
255ms Script
application/javascript 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakes.workmoney.org/_next/static/OCUod2JJW-DmcPth12_4g/_ssgManifest.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09cd39250d527da92fa394249f2774644f9ebf0152a35068ddc4aedef446f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV3FEBARKP1FY5YG6P94
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"39ad108a7be1067c84bfa013d2f62a69-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 74a8d3801e14cc5a-ZRH

GET
H2 200 logo.svg
sweepstakes.workmoney.org/images/ 8 KB
4 KB 194ms
193ms Image
image/svg+xml 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sweepstakes.workmoney.org/images/logo.svg

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fabdf294f66cf630f62e0dcc1dd65d270cc6918ce505ec966e1fe860fe03c87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV200JXRD0GTGGFCTYNJ
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "18bceb802a7eb671f71b490e5cf60d42-ssl"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 74a8d3801e15cc5a-ZRH
content-length: 3722

GET
H2 200 facebook.svg
sweepstakes.workmoney.org/images/ 653 B
478 B 212ms
211ms Image
image/svg+xml 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sweepstakes.workmoney.org/images/facebook.svg

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50596ac4342f310c8c5534bb2c4a6702888fb1378290db697ce11a4919dff2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV262BR45F0ATHMM1XYA
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"82cf62ded1a04adb228312be81d7c763-ssl"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=31536000
cf-ray: 74a8d3801e26cc5a-ZRH

GET
H2 200 instagram.svg
sweepstakes.workmoney.org/images/ 3 KB
1 KB 210ms
210ms Image
image/svg+xml 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sweepstakes.workmoney.org/images/instagram.svg

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3020511cecb8978cb5334d68c09bf215d85ccdefac1409397b0c3ef863bfcbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV1YBB2MANJEK1Z3DQC2
date: Wed, 14 Sep 2022 11:36:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "cb9544e0554385ad63e91c8f8c7a3464-ssl"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 74a8d3801e2acc5a-ZRH
content-length: 1166

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1010 B 66ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/_next/static/css/24ff5bc498d9fe9b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:42:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 11:36:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 11:36:39 GMT

GET
H2 200 linePurple.7982b602.svg
sweepstakes.workmoney.org/_next/static/media/ 27 KB
8 KB 195ms
194ms Image
image/svg+xml 2606:4700:10::6816:15a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakes.workmoney.org/_next/static/media/linePurple.7982b602.svg
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/_next/static/css/24ff5bc498d9fe9b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8325eebb427179d43bd4a1d2dec0500c7872e8f546c8f2534851b3f916467a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/_next/static/css/24ff5bc498d9fe9b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCXWJV8TNR4W8SZSTYF19HGV
date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: "f393e09c44556ab1be66357de35cd8d7-ssl"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 74a8d3817ff8cc5a-ZRH
content-length: 7833

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 75ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 576707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:24:52 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 76ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 576699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:25:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 78ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 576698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:25:01 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 96ms
18ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad14ee8b4fb788fb4fa7a2e389c2154f0bbf9baeb6fb62bfb1fd44a32fd4da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
age: 40934
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 920
x-served-by: cache-lga21926-LGA, cache-hhn4074-HHN
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1663155400.135691,VS0,VE1
etag: W/"b4282541ff1389782c4177fedb0e5787"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 1705ms
1121ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1663155400.dop055.fr8.t,1663155400.cds123.fr8.hn,1663155400.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 374 KB
103 KB 97ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

074a824571b5bfab064304129a7e5fa11d0c1fb758315334e0542973b8b62212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104472
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 fender_analytics.9bd929e66a2449a7cdc1.js Show response
static-tracking.klaviyo.com/onsite/js/ 27 KB
11 KB 113ms
28ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.9bd929e66a2449a7cdc1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13711036352cc6ee2aaf239ed66306d2e7b04e28158b89ad45d7db2e32fb5dcc

Request headers

Referer: https://sweepstakes.workmoney.org/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: DxlKU8PAW5Z2L0V.1wRK5LqPR2sBWhOg
content-encoding: gzip
age: 41546
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 10605
x-amz-id-2: 36f/ps//h2tsvtsRUgp6Mk8LzgnmM0HKjWkeHSxHbhGWZ7W/4R77UIFLmwMJGAxxLaUgzekp6vo=
x-served-by: cache-lga13628-LGA, cache-hhn4080-HHN
last-modified: Fri, 26 Aug 2022 20:33:40 GMT
server: AmazonS3
etag: "d48fad1b3f959b474b934ed39d9ba542"
vary: Accept-Encoding
x-amz-request-id: V3VGV2WY5XZ8QSWT
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache-hits: 2, 34586

GET
H2 200 static.444020cd426b0bea12c1.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
5 KB 113ms
28ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.444020cd426b0bea12c1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94eb37f3ca8ec6a7d028370dfadf216aaa9a5b6f794a7462707f422aa7098f18

Request headers

Referer: https://sweepstakes.workmoney.org/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: ep5t_kHI_qKbZWWytxIKzh5j3YAjdqHx
content-encoding: gzip
age: 41546
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5219
x-amz-id-2: NVmB6Kd0YFo9iCmGx+yu+eOqiC5jqbz25AtCBJn8Vs1Hbf0QGGXROARgd05prVYM5kfCwyQJ2xk=
x-served-by: cache-lga21928-LGA, cache-hhn4080-HHN
last-modified: Thu, 18 Aug 2022 15:05:14 GMT
server: AmazonS3
etag: "1774dcfd43ae7a477e554d4266bbaa8e"
vary: Accept-Encoding
x-amz-request-id: EYA39404SA8WM76Q
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache-hits: 5912, 34420

GET
H2 200 runtime.3a3a6c552560d51d82e0.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 54ms
15ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.3a3a6c552560d51d82e0.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2b3db8a82b8545589fcf05fa9f5364f1d81214b53fdf024eedb5a3e22fa6f07

Request headers

Referer: https://sweepstakes.workmoney.org/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: CMT1i_h1q7_XBWC72VgUuhamJ_OD.LKP
content-encoding: gzip
age: 41546
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8073
x-amz-id-2: lQhzxYSW6fdp0PrAvQ8Nf7vLfMUztUTTYSqt+TVDXAG98ywIIMlLbUWyMc1ZQDBdXymqzkaEse0=
x-served-by: cache-lga21983-LGA, cache-hhn4031-HHN
last-modified: Fri, 09 Sep 2022 18:52:52 GMT
server: AmazonS3
etag: "74a2ebb04f70d4084cca459412b8cb44"
vary: Accept-Encoding
x-amz-request-id: 4SRHVJJ9M2R6DETA
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache-hits: 2, 37378

GET
H2 200 sharedUtils.dbe6f6fba25c3d5eb9b9.js Show response
static.klaviyo.com/onsite/js/ 33 KB
13 KB 55ms
16ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.dbe6f6fba25c3d5eb9b9.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e75ca5fcc7c97afccec24e2e35cac72fbb32aaa86e06aad46dbb01fe17f2c85

Request headers

Referer: https://sweepstakes.workmoney.org/
Origin: https://sweepstakes.workmoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: J6DhPDfg3V4z4HCiiBOatFqUcC3teiEp
content-encoding: gzip
age: 41546
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13227
x-amz-id-2: g47h3KQS4bp3IvTdylupdvCLzxAn/+Vam0i6O7FIY0/uwapwvSHVS9p0DmgzdEUqGhipQoElflk=
x-served-by: cache-lga21937-LGA, cache-hhn4031-HHN
last-modified: Tue, 06 Sep 2022 17:44:25 GMT
server: AmazonS3
etag: "3920e36a09a180da98b37bcad5e5e2c2"
vary: Accept-Encoding
x-amz-request-id: 0RY44SXR5J2D6HRA
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache-hits: 2, 35413

GET
H2 200 / Show response
geolocation-db.com/json/ 136 B
247 B 75ms
21ms XHR
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 25b8c1578cb90040f0680b057b345d7526ab9ffa5a97c78a38060feb12ff13ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 107ms
30ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26756
x-xss-protection: 0
pragma: public
x-fb-debug: GSBSAem6AvRHocKw0MdecQneeWz83fCuqDB4mCHNp1i75uAvrKs3qvSGssMdl9L1G3JiJeTDSiuJrXr7Etk5oQ==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 11:36:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1764592.js Show response
static.hotjar.com/c/ 4 KB
3 KB 84ms
47ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1764592.js?sv=6

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

fafd3be6f87c55ec940bf94fc996aa0aef699cfb18ebbcaf4e367044ceb6ef86

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache-hit: 1
date: Wed, 14 Sep 2022 11:36:40 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: 2vIvNb09rllnF_dWQT8jWyhqi_EWfZHce7Ban1VyTVdHVv376j3D7g==
etag: W/04798a3d009df3906b8cb69eda8b094b

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-K7D6LJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f33d5d88bffdfb5de355ad1adde0ca127cebe6968527092f1a0d15df637d6a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75038
x-xss-protection: 0
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1301021/ 57 KB
18 KB 174ms
123ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b942a95e595cb8d1feae6c720ca989214034c29d6bd29263b8c2e93868ca7b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: LjCoGxvTi8dE4AoR9n_tjAcjH8vrRmXA
content-encoding: gzip
etag: "7d842157f0acd64e8942d53e627643ae"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17962
x-amz-id-2: /SOAAsrH9mofZDpqsBpLiM6q2ea8rPGLUuVUZJV7OVHbujGIzB3Uez09IL2Vvdpjqm7sxy2Xrro=
x-served-by: cache-hhn4054-HHN
last-modified: Sun, 11 Sep 2022 11:07:53 GMT
server: AmazonS3
x-timer: S1663155400.306683,VS0,VE107
date: Wed, 14 Sep 2022 11:36:40 GMT
vary: Accept-Encoding
x-amz-request-id: CBXZXCR3EN8H5PDQ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 60
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 98ms
28ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 11:36:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Wed, 14 Sep 2022 11:56:40 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 81ms
31ms Script
application/javascript 13.225.77.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-245.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7961
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-id: eMfSCn7ZSW5aWw-YfPZeHxS-4KXPdZQJm0lxmOHoj1NlGwx9jwws9Q==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 114ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2EC2F00428949C0ACC2C2C86DFB7C8D Ref B: FRAEDGE1112 Ref C: 2022-09-14T11:36:40Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 14 Sep 2022 11:36:39 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 hotjar-3074990.js Show response
static.hotjar.com/c/ 4 KB
2 KB 57ms
46ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3074990.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

5c72507741e5f829ea8d026d26ab73c62a1d853e5ee4b5db1658104ec9205615

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache-hit: 1
date: Wed, 14 Sep 2022 11:36:40 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: Zq3y33qo6nLGSyVr6HMYA5jyqgQaoII1mNXvEeXEPgcBNvPA1LAqug==
etag: W/676a87aaba3e3f4cb5e768e0dd70a3ce

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 140ms
32ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges: bytes
content-encoding: gzip
content-length: 7722

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 87ms
16ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10885
accept-ranges: bytes
content-length: 3063

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 112ms
16ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kiad7000153-IAD, cache-hhn11583-HHN

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 586ms
176ms Script
application/javascript 35.166.237.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.237.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-237-228.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 00:56:51 GMT
server: istio-envoy
etag: W/"632126d3-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 3
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2080
date: Wed, 14 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 13:02:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 81ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSRYKVYF8Z&gtm=2oe9c0&_p=1020827640&cid=1988722128.1663155400&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663155400&sct=1&seg=0&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&dt=Welcome%20To%20WorkMoney&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 11:36:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sweepstakes.workmoney.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ 251 KB
65 KB 60ms
18ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3074990.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 607113
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IQgVIsCmSCbAAxxJHPJEMF6IJ64Sjq9Zc8hxj4cGZs_7ajQ04_ffBQ==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 578ms
96ms Script
application/javascript 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00261b5aeed51dfaa49f13810f2c2f822f
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
X-TraceId: c9f12d3df883fdabec44da89a5d86d74
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 579ms
96ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00261b5aeed51dfaa49f13810f2c2f822f&obApiVersion=2.0-gtm&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&optOut=false&bust=022047770747532303&referrer=
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 11:36:40 GMT
Cache-Control: no-cache
X-TraceId: 2707f452602a5b11ccb082ce6e5dd397
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4083108%26time%3D1663155400448%26url%3Dhttps%253A%252F%252Fsweepstakes.workmoney....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true&e_ipv6=AQJWaYYGeEfoDwAAAYM7yXE9f5RdZJu3D7QCIwgaleU...

0
264 B

274ms
194ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true&e_ipv6=AQJWaYYGeEfoDwAAAYM7yXE9f5RdZJu3D7QCIwgaleUUdoHz5fCrVxijutCrM-jnYhlEkoNnTg
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 68A30D5BD1474DF4B2CBB1F745FA1EF1 Ref B: FRAEDGE1213 Ref C: 2022-09-14T11:36:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXooYrmbKjN2whnj04MrQ==
x-li-fabric: prod-lor1

Redirect headers

date: Wed, 14 Sep 2022 11:36:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F31D1767CADF45398198E2920882BEF6 Ref B: FRAEDGE1118 Ref C: 2022-09-14T11:36:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1663155400448&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&liSync=true&e_ipv6=AQJWaYYGeEfoDwAAAYM7yXE9f5RdZJu3D7QCIwgaleUUdoHz5fCrVxijutCrM-jnYhlEkoNnTg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXooYriHMUu4ijZ51QH5w==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 58ms
28ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.79

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: aNbrPKmzv2dAGb1cWi5eQJkq3VgCCBrw6pzVOLeQG47oylmnmi6ZUJ1/da9AE6XH3QqO0z7w0zu89d17/s4DAg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 11:36:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 996986220718083 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 169ms
140ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/996986220718083?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ccff385dca2376d95b1018acbf42e82084498c270283f7c03e2e8e94698a074

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IDwA6SkqC2rv36nbY9/Kw4wrOgzfpwxyvvO4sOzVoIFqAaOSRtPV+VS4e4p1jrRgzRS++whF8o8aZ02bgyevCw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 11:36:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 57ms
24ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1020827640&t=pageview&_s=1&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&ul=en-us&de=UTF-8&dt=Welcome%20To%20WorkMoney&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1677078231&gjid=80650998&cid=1988722128.1663155400&tid=UA-163404048-1&_gid=395455825.1663155400&_r=1&gtm=2wg9c0PKDNJ65&cd5=2022-09-14T11%3A36%3A40.274%2B00%3A00&cd2=1988722128.1663155400&cd3=20220914%7C02339438&cd4=11%3A36%3A40&z=1166930985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sweepstakes.workmoney.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 11:36:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sweepstakes.workmoney.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 182ms
113ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1663155400489&id=t2_p9hxq0oa&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8d491f29-d5ef-492f-ae3e-b61bbe01cf7a&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
196 B 144ms
46ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=c52aa0e9-af35-416c-b776-64389a178d7d

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d0da32b353b2d389d154e092dace05c43efc8216902175914202b2104f0a551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sweepstakes.workmoney.org
x-envoy-upstream-service-time: 21
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
459 B 141ms
44ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=c52aa0e9-af35-416c-b776-64389a178d7d&tld=org

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

eb6e36c5e49004b46759a6d1629b37ba7cdbbbc6165a0a8a72ef340c1d86020a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sweepstakes.workmoney.org
x-envoy-upstream-service-time: 19
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 204 148004749.js Show response
bat.bing.com/p/action/ 0
117 B 187ms
187ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148004749.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20D20E82DC624AF18780CB519B7A0A12 Ref B: FRAEDGE1112 Ref C: 2022-09-14T11:36:40Z
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148004749&tm=gtm002&Ver=2&mid=49b50ac1-1ab3-4296-9e6e-9c65ce181c4f&sid=800c2ef0342111edb22ea9c75eff293b&vid=800c4910342111ed8b730317d568446c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20To%20WorkMoney&p=https%3A%2F%2Fsweepstakes.workmoney.org%2F&r=&lt=793&evt=pageLoad&sv=1&rn=84488

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D10244BC3684E57BA7E10B0E967E9E0 Ref B: FRAEDGE1112 Ref C: 2022-09-14T11:36:40Z
date: Wed, 14 Sep 2022 11:36:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame B609 2 KB
1 KB 53ms
16ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3074990.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://sweepstakes.workmoney.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 613173
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id: GOUyPQ8P79NzRo94J9webNo9PDPBjO1sLE1EeDrfrOX81SXH3krPPA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 json Show response
trc.taboola.com/1301021/trc/3/ 2 KB
2 KB 55ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1301021/trc/3/json?tim=1663155400532&data=%7B%22id%22%3A285%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1663155400523%2C%22cv%22%3A%2220220911-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsweepstakes.workmoney.org%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzeevgoichman-workmoney-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1663155400531%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsweepstakes.workmoney.org%2F%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A94%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1004df2e8d840163647b8dc9791f3594d471e39d5fde83aee0a0e771b4d4e388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 25
date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1663155401.561338,VS0,VE25
x-served-by: cache-hhn4054-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 adsct
t.co/i/ 43 B
338 B 353ms
128ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=142f63a9-bdfa-47c5-82cf-079f00edc96b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=81c36c86-56e8-4544-b89c-fb4078e9bbee&tw_document_href=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ov9&type=javascript&version=2.3.27

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 14 Sep 2022 11:36:40 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6aea37bb2b39c96c819865fdd6d899e4eb31c447daa5a946c408392e08acb367
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 205ms
118ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=142f63a9-bdfa-47c5-82cf-079f00edc96b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=81c36c86-56e8-4544-b89c-fb4078e9bbee&tw_document_href=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ov9&type=javascript&version=2.3.27

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 14 Sep 2022 11:36:40 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5d8b0d06f4e6e0a0bd7299754b053bd5f097cdc4c47deb1e906e5e8ca7a1a735
content-length: 43

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame DBE7 0
294 B 73ms
34ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d&u_scsid=ae577967-fe48-43de-b04c-5a45c5a61906&u_sclid=b3f4b071-2870-44a1-9632-a64ec6a752bd

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://sweepstakes.workmoney.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 14 Sep 2022 11:36:40 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
305 B 69ms
34ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=66e87c77-5ae2-4d44-8041-35eb29eea033&pid=c52aa0e9-af35-416c-b776-64389a178d7d&ev=PAGE_VIEW&pl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&ts=1663155400554&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=1188&m_rd=1305&m_pi=429.9000015258789&m_dcl=792.6000022888184&m_fcps=689.6000022888184&m_pl=0&m_ic=0&m_pv=v2&u_c1=2f8bb99b-d7d4-46e4-9a99-6c1dc65d1223&u_scsid=ae577967-fe48-43de-b04c-5a45c5a61906&u_sclid=b3f4b071-2870-44a1-9632-a64ec6a752bd&s_r_ids=0

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 99ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-163404048-1&cid=1988722128.1663155400&jid=1677078231&gjid=80650998&_gid=395455825.1663155400&_u=YADAAEAAAAAAAC~&z=1737016577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sweepstakes.workmoney.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 11:36:40 GMT
content-type: text/plain
access-control-allow-origin: https://sweepstakes.workmoney.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 99ms
56ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163404048-1&cid=1988722128.1663155400&jid=1677078231&_u=YADAAEAAAAAAAC~&z=103107275

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 11:36:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 98ms
55ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163404048-1&cid=1988722128.1663155400&jid=1677078231&_u=YADAAEAAAAAAAC~&z=103107275

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 11:36:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3074990/ 148 B
322 B 121ms
42ms XHR
application/json 52.30.157.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3074990/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.157.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347

Request headers

Referer: https://sweepstakes.workmoney.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 69ms
26ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400744&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 72ms
29ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400746&cd[visitorIp]=193.27.14.24&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 59ms
34ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400747&cd[%24country]=RO&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=2&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 57ms
34ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400749&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=3&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 29ms
29ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400750&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=4&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 30ms
30ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155400750&cd[IPflag]=no&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=5&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 11:36:40 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 573ms
176ms Image
text/plain 52.35.132.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=133f6dc2-3b51-4106-bf8e-2708953815cc&ev=PAGE_VIEW&pl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&ndclid=&rf=&sem=&tm=0
Requested by: Host: sweepstakes.workmoney.org
URL: https://sweepstakes.workmoney.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.132.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-132-238.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:41 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
context-id: 939b122a-95ef-4ff4-8f3b-76e2387cea19

GET
H2 204 unip Show response
trc-events.taboola.com/1301021/log/3/ 0
254 B 84ms
22ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=1640&scd=94&ssd=1&est=1663155400526&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1663155402167&vi=1663155400523&ri=4dd36f2a6894cba409b465636f3d6330&ref=null&cv=20220911-7-RELEASE&item-url=https%3A%2F%2Fsweepstakes.workmoney.org%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://sweepstakes.workmoney.org
pragma: no-cache
date: Wed, 14 Sep 2022 11:36:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 36ms
16ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996986220718083&ev=Microdata&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1663155402248&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Welcome%20To%20WorkMoney%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[uid]=_l81js7x7rmbd4fsiw&v=2.9.79&r=stable&ec=6&o=30&fbp=fb.1.1663155400743.816762034&it=1663155400457&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 11:36:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 11:36:42 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1301021/log/3/ 0
253 B 22ms
22ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=4642&scd=94&ssd=1&est=1663155400526&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1663155405168&vi=1663155400523&ri=4dd36f2a6894cba409b465636f3d6330&ref=null&cv=20220911-7-RELEASE&item-url=https%3A%2F%2Fsweepstakes.workmoney.org%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://sweepstakes.workmoney.org
pragma: no-cache
date: Wed, 14 Sep 2022 11:36:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 56ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSRYKVYF8Z&gtm=2oe9c0&_p=1020827640&cid=1988722128.1663155400&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663155400&sct=1&seg=0&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&dt=Welcome%20To%20WorkMoney&en=scroll&epn.percent_scrolled=90&_et=74
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sweepstakes.workmoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 11:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sweepstakes.workmoney.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:00:41	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.workmoney.org/	1970-01-20 08:08:51	Name: _gcl_au Value: 1.1.85713708.1663155400
sweepstakes.workmoney.org/	1970-01-20 15:35:15	Name: clientId Value: false
sweepstakes.workmoney.org/	1970-01-20 15:35:15	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NjMxNTU0MDAsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vc3dlZXBzdGFrZXMud29ya21vbmV5Lm9yZy8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE2NjMxNTU0MDAsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vc3dlZXBzdGFrZXMud29ya21vbmV5Lm9yZy8ifX0=
.workmoney.org/	1970-01-20 15:35:15	Name: _ga_NSRYKVYF8Z Value: GS1.1.1663155400.1.0.1663155400.0.0.0
.bing.com/	1970-01-20 15:20:51	Name: MUID Value: 20A3A5DC48DC6E5333B1B7C349AD6FA1
.workmoney.org/	1970-01-20 15:35:15	Name: _ga Value: GA1.2.1988722128.1663155400
.workmoney.org/	1970-01-20 06:00:41	Name: _gid Value: GA1.2.395455825.1663155400
.sweepstakes.workmoney.org/	1970-01-20 05:59:17	Name: _gaclientid Value: 1988722128.1663155400
.sweepstakes.workmoney.org/	1970-01-20 05:59:17	Name: _gasessionid Value: 20220914\|02339438
.sweepstakes.workmoney.org/	1970-01-20 05:59:17	Name: _gahitid Value: 11:36:40
sweepstakes.workmoney.org/	1970-01-20 08:08:51	Name: EX.WOMO.context Value: {%22uid%22:%22_l81js7x7rmbd4fsiw%22%2C%22userAgent%22:%22desktop%22%2C%22userBrowser%22:%22chrome%22%2C%22cookieEnabled%22:true%2C%22platform%22:%22Win32%22%2C%22browserLanguage%22:%22en-US%22%2C%22IP%22:%22193.27.14.24%22%2C%22country%22:%22Romania%22%2C%22countryCode%22:%22RO%22%2C%22region%22:null%2C%22city%22:null%2C%22latitude%22:46%2C%22longitude%22:25%2C%22IP_flag%22:%22no%22%2C%22variant%22:%22staging%22%2C%22dimension1%22:%22staging%22%2C%22geo_context_injected%22:true%2C%22clientId%22:%221988722128.1663155400%22%2C%22dimension2%22:%221988722128.1663155400%22%2C%22sessionId%22:%2220220914\|02339438%22%2C%22dimension3%22:%2220220914\|02339438%22%2C%22hitId%22:%2211:36:40%22%2C%22dimension4%22:%2211:36:40%22}
.workmoney.org/	1970-01-20 05:59:15	Name: _gat_UA-163404048-1 Value: 1
.workmoney.org/	1970-01-20 08:08:51	Name: _rdt_uuid Value: 1663155400487.8d491f29-d5ef-492f-ae3e-b61bbe01cf7a
.workmoney.org/	1970-01-20 06:00:41	Name: _uetsid Value: 800c2ef0342111edb22ea9c75eff293b
.workmoney.org/	1970-01-20 15:20:51	Name: _uetvid Value: 800c4910342111ed8b730317d568446c
.workmoney.org/	1970-01-20 15:29:02	Name: _scid Value: 2f8bb99b-d7d4-46e4-9a99-6c1dc65d1223
.snapchat.com/	1970-01-20 15:20:51	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIZnCg5zjxC463JVWqeJYOt7mX24bLbqq4Usx7ukeED3ICjQ+abt1NMgAAAA==
.workmoney.org/	1970-01-20 14:44:51	Name: _hjSessionUser_3074990 Value: eyJpZCI6IjUwZWQ0ZGFmLTVmMWQtNWViNS1hODA0LWRkZjc3NDA1ZGExNiIsImNyZWF0ZWQiOjE2NjMxNTU0MDA1ODksImV4aXN0aW5nIjpmYWxzZX0=
.workmoney.org/	1970-01-20 05:59:17	Name: _hjFirstSeen Value: 1
sweepstakes.workmoney.org/	1970-01-20 05:59:15	Name: _hjIncludedInSessionSample Value: 0
.workmoney.org/	1970-01-20 05:59:17	Name: _hjSession_3074990 Value: eyJpZCI6IjkxNjg1MjExLTI2NjctNDA5ZC1hNzlhLTI1ZDQ0N2QxMTVhZSIsImNyZWF0ZWQiOjE2NjMxNTU0MDA2NzYsImluU2FtcGxlIjpmYWxzZX0=
sweepstakes.workmoney.org/	1970-01-20 05:59:15	Name: _hjIncludedInPageviewSample Value: 1
.workmoney.org/	1970-01-20 05:59:17	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 06:42:27	Name: UserMatchHistory Value: AQIBa202QSbwhQAAAYM7yW-lcMyYmJkmDraSK4sIa9b4Gl3vTwKGCQqz4QNjKvo-KriYkIv3UQtufA
.linkedin.com/	1970-01-20 06:42:27	Name: AnalyticsSyncHistory Value: AQJ_ImvnNm2d0AAAAYM7yW-lRMP-4aXtiduNbTPwGPGfwVk_FbbVgB3PWmqYbFt3oIx9JydtPlcP5A1TUmyCSg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:44:51	Name: bcookie Value: "v=2&6a49b607-f3eb-4683-8ef0-4ebac164447c"
.linkedin.com/	1970-01-20 06:00:41	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2713:u=1:x=1:i=1663155400:t=1663241800:v=2:sig=AQF9WG6pE54dmpLjk9YAI0qQdtZp11B4"
.workmoney.org/	1970-01-20 08:08:51	Name: _fbp Value: fb.1.1663155400743.816762034
.twitter.com/	1970-01-20 15:35:15	Name: personalization_id Value: "v1_XlcvdJnDXxmYto1Y0rJXzQ=="
.facebook.com/	1970-01-20 08:08:51	Name: fr Value: 0VvHmmdQkpYMvcDeq..BjIbzI...1.0.BjIbzI.
.t.co/	1970-01-20 15:35:15	Name: muc_ads Value: b2b5d9a3-7f55-476c-8f82-3c4ff761b29d
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:44:51	Name: bscookie Value: "v=1&202209141136403a3dece3-179f-4288-8ab5-3fb98dc18770AQHpNWp4ogP93JiVciHnRthL9DT_5-lv"
.linkedin.com/	1970-01-20 10:18:27	Name: li_gc Value: MTswOzE2NjMxNTU0MDA7MjswMjEvcFiWWAeX3hsCuvrZQ9XPIu6xjAFbA2sFTfHe5n3kpQ==
sweepstakes.workmoney.org/	1970-01-20 05:59:15	Name: outbrain_cid_fetch Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.nextdoor.com
alb.reddit.com
amplify.outbrain.com
analytics.twitter.com
bat.bing.com
cdn.taboola.com
code.jquery.com
connect.facebook.net
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
geolocation-db.com
in.hotjar.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sc-static.net
script.hotjar.com
snap.licdn.com
static-tracking.klaviyo.com
static.ads-twitter.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
sweepstakes.workmoney.org
t.co
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.131
104.244.42.5
13.107.42.14
13.224.189.10
13.224.189.26
13.225.77.245
13.225.78.69
141.226.228.48
151.101.1.140
151.101.130.133
151.101.193.44
151.101.66.133
159.89.102.253
184.51.9.223
199.232.136.157
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
2606:4700:10::6816:15a3
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c0c::9b
2a02:26f0:3500:16::215:149b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::396
35.166.237.228
35.190.43.134
52.30.157.40
52.35.132.238
70.42.32.255
00e43065012ad92dc8246a374fa6154615ca4262697a3992f973b3be3fed771f
0587171ca0780870553dde88e8ec04fc7e7b25bb2c9c27163912f3e36a1f99aa
074a824571b5bfab064304129a7e5fa11d0c1fb758315334e0542973b8b62212
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
1004df2e8d840163647b8dc9791f3594d471e39d5fde83aee0a0e771b4d4e388
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13711036352cc6ee2aaf239ed66306d2e7b04e28158b89ad45d7db2e32fb5dcc
177e4f43ed55f720bcf20161480ce6f75e0fdde10c501d15e47d8a9969bb2efd
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
25b8c1578cb90040f0680b057b345d7526ab9ffa5a97c78a38060feb12ff13ef
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3020511cecb8978cb5334d68c09bf215d85ccdefac1409397b0c3ef863bfcbab
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3ad14ee8b4fb788fb4fa7a2e389c2154f0bbf9baeb6fb62bfb1fd44a32fd4da0
3e75ca5fcc7c97afccec24e2e35cac72fbb32aaa86e06aad46dbb01fe17f2c85
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
50596ac4342f310c8c5534bb2c4a6702888fb1378290db697ce11a4919dff2df
5c72507741e5f829ea8d026d26ab73c62a1d853e5ee4b5db1658104ec9205615
5ccff385dca2376d95b1018acbf42e82084498c270283f7c03e2e8e94698a074
66f063840f8a464b0bc16660275343b71f2d7d2ab71f4a4a63221a39dced71a0
73bcb7508c99bac0a77bb54596cde75c37dfd8f8981ae9d8171453bfce706429
74c18b00eebc1306b39fe0c4237a181b4a25b2c299b91998d0a0242a54c08244
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94eb37f3ca8ec6a7d028370dfadf216aaa9a5b6f794a7462707f422aa7098f18
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7
a2b3db8a82b8545589fcf05fa9f5364f1d81214b53fdf024eedb5a3e22fa6f07
a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b09cd39250d527da92fa394249f2774644f9ebf0152a35068ddc4aedef446f3c
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b942a95e595cb8d1feae6c720ca989214034c29d6bd29263b8c2e93868ca7b70
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54
d0da32b353b2d389d154e092dace05c43efc8216902175914202b2104f0a551f
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d8325eebb427179d43bd4a1d2dec0500c7872e8f546c8f2534851b3f916467a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6e36c5e49004b46759a6d1629b37ba7cdbbbc6165a0a8a72ef340c1d86020a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f33d5d88bffdfb5de355ad1adde0ca127cebe6968527092f1a0d15df637d6a8f
f3e61695a5a74345d5e7f4ce0e7628dff1c1171727ddc2df94d80405d6b4c025
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
fa7895de43481966bf35f0c0c815e258708af1ab8a783f2620bf8182d55a360a
fabdf294f66cf630f62e0dcc1dd65d270cc6918ce505ec966e1fe860fe03c87b
fafd3be6f87c55ec940bf94fc996aa0aef699cfb18ebbcaf4e367044ceb6ef86
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

sweepstakes.workmoney.org Open in urlscan Pro 2606:4700:10::6816:15a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

46 %IPv6

28 Domains

39 Subdomains

36 IPs

6 Countries

712 kBTransfer

2191 kBSize

37 Cookies

4 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sweepstakes.workmoney.org Open in urlscan Pro
2606:4700:10::6816:15a3 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

46 %
IPv6

28
Domains

39
Subdomains

36
IPs

6
Countries

712 kB
Transfer

2191 kB
Size

37
Cookies

74 HTTP transactions
0 data transactions