play.sweepstakesalerts.com Open in urlscan Pro
34.233.65.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicks.swpstrack.com/c/cR5/us_7/Es22odfX5IgF5auTT-XMdy/W/ctEXc/F/2e28ea19
Effective URL:
https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e718...
Submission: On June 21 via manual (June 21st 2022, 12:58:42 am UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 22 domains to perform 66 HTTP transactions. The main IP is 34.233.65.53, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is play.sweepstakesalerts.com. The Cisco Umbrella rank of the primary domain is 324186.
TLS certificate: Issued by Amazon on February 14th 2022. Valid for: a year.

This is the only time play.sweepstakesalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.199.51.233 91.199.51.233	47544 (IQPL-AS) (IQPL-AS)
3	34.233.65.53 34.233.65.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
5	143.204.89.115 143.204.89.115	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.102 18.66.112.102	16509 (AMAZON-02) (AMAZON-02)
2	138.199.37.229 138.199.37.229	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:215... 2600:9000:2156:1800:5:c56e:3a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2600:9000:224... 2600:9000:224a:a000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:136... 2600:1f18:136:3d02:1f47:bad9:4e37:4fe3	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	52.4.135.4 52.4.135.4	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1734	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
66	31

1 91.199.51.233 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-233.rev.iq.pl

clicks.swpstrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.233.65.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-65-53.compute-1.amazonaws.com

play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.89.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-115.fra50.r.cloudfront.net

cdn.play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-102.fra56.r.cloudfront.net

cdn.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.37.229 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-229.datapacket.com

sw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbsw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1800:5:c56e:3a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

potatojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:a000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:136:3d02:1f47:bad9:4e37:4fe3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.135.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-135-4.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1734 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sweepstakesalerts.com play.sweepstakesalerts.com — Cisco Umbrella Rank: 324186 cdn.play.sweepstakesalerts.com — Cisco Umbrella Rank: 514337 cdn.sweepstakesalerts.com — Cisco Umbrella Rank: 435749	588 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	409 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 595 c.clarity.ms — Cisco Umbrella Rank: 1161 e.clarity.ms — Cisco Umbrella Rank: 5765	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	64 KB
5	pushy.ai sw.pushy.ai — Cisco Umbrella Rank: 134083 api.pushy.ai — Cisco Umbrella Rank: 22711 pbsw.pushy.ai — Cisco Umbrella Rank: 79198	9 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4438 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507	8 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1039 trc.taboola.com — Cisco Umbrella Rank: 698 trc-events.taboola.com — Cisco Umbrella Rank: 1618	19 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 389 c.bing.com — Cisco Umbrella Rank: 229	13 KB
4	google.com www.google.com — Cisco Umbrella Rank: 9	23 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3935 rp.liadm.com — Cisco Umbrella Rank: 2735 rp4.liadm.com — Cisco Umbrella Rank: 10422	12 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1100 pixel.quantserve.com — Cisco Umbrella Rank: 461	10 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 291	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 438	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5111	501 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	14 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125	449 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1065	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	5 KB
1	potatojs.com potatojs.com — Cisco Umbrella Rank: 751929	86 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	74 KB
1	swpstrack.com 1 redirects clicks.swpstrack.com — Cisco Umbrella Rank: 512072	520 B
66	22

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google-analytics.com	www.googletagmanager.com play.sweepstakesalerts.com
5	cdn.play.sweepstakesalerts.com	play.sweepstakesalerts.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	play.sweepstakesalerts.com www.gstatic.com www.google.com
3	e.clarity.ms	play.sweepstakesalerts.com
3	api.pushy.ai	play.sweepstakesalerts.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com play.sweepstakesalerts.com
3	cdn.sweepstakesalerts.com	play.sweepstakesalerts.com
3	play.sweepstakesalerts.com	play.sweepstakesalerts.com
2	trc-events.taboola.com	play.sweepstakesalerts.com
2	c.clarity.ms	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	www.clarity.ms	bat.bing.com www.clarity.ms
1	bam.nr-data.net	js-agent.newrelic.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	play.sweepstakesalerts.com
1	mug.criteo.com	play.sweepstakesalerts.com
1	pixel.quantserve.com	play.sweepstakesalerts.com
1	pbsw.pushy.ai	sw.pushy.ai
1	trc.taboola.com	cdn.taboola.com
1	www.google.de	play.sweepstakesalerts.com
1	rp4.liadm.com	play.sweepstakesalerts.com
1	rp.liadm.com	1 redirects
1	static.criteo.net	dynamic.criteo.com
1	stats.g.doubleclick.net	play.sweepstakesalerts.com
1	rules.quantcount.com	secure.quantserve.com
1	dynamic.criteo.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	cdn.taboola.com	play.sweepstakesalerts.com
1	secure.quantserve.com	www.googletagmanager.com
1	fonts.googleapis.com	cdn.play.sweepstakesalerts.com
1	cdnjs.cloudflare.com	play.sweepstakesalerts.com
1	potatojs.com	play.sweepstakesalerts.com
1	sw.pushy.ai	play.sweepstakesalerts.com
1	www.googletagmanager.com	play.sweepstakesalerts.com
1	clicks.swpstrack.com	1 redirects
66	37

This site contains no links.

Subject Issuer	Validity	Valid
sweepstakesalerts.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
cdn.play.sweepstakesalerts.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
sw.pushy.ai R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
potatojs.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
pushy.ai Amazon	`2021-11-30` - `2022-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
pbsw.pushy.ai R3	`2022-06-16` - `2022-09-14`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Frame ID: B70116FE5D502928368419B1ABF4F6B9
Requests: 56 HTTP requests in this frame

Frame: https://pbsw.pushy.ai/wps/cross_storage
Frame ID: 58755422F5875E5C5205BA59D9150C95
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag
Frame ID: 14A98B5E6E8124629408313A0DEFEE03
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=pl6iutv7lnmq
Frame ID: 91E8D1C74D450934278AE93EC7FB6A0F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win 50000 Today

Page URL History Show full URLs

https://clicks.swpstrack.com/c/cR5/us_7/Es22odfX5IgF5auTT-XMdy/W/ctEXc/F/2e28ea19 HTTP 302
https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

95 %
HTTPS

58 %
IPv6

22
Domains

37
Subdomains

31
IPs

7
Countries

1375 kB
Transfer

2728 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicks.swpstrack.com/c/cR5/us_7/Es22odfX5IgF5auTT-XMdy/W/ctEXc/F/2e28ea19 HTTP 302
https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://rp.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true

Request Chain 51

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3lhn7nxCU3NnREE5bG80MmhXTkJLUWh4RmRIZ3hmZnpHa1N2bVFwSGFMUGVnZnNFQ0VuYThGSkRqbGNzdlJjWW5TcGtDM2x1MHNLZU5Gb2pLYW9LdVVVZnRaUzR2T1R6dmNvQXN3Yk83dHZyOU9kV2VIbk1OaXRZdW56bndoZlpFNnp1NTh3eXpSMjFBdkRoQnE2eGlNOEdiYk1IeHN6UDdIbnlYdW9DaVhjNWE3VTU0bE8rUVJaUEZzU2xmM3oxcFU0bVBnWTF5eHNSTDE1bFNPUHVieWNKMlZQVHU3aVpad0Zjd3RpM005bmZuSnlUdC9yL3A4OWtWdHlmZ0FmbXB2QnVGY2dPeldhWk0vQXhSMFZ1cGtNU2JFdXVhZ3NpR0pzWjd3ZEwrbzl5WEV3bz18&cppv=2

Request Chain 58

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&RedC=c.clarity.ms&MXFR=2BE3AAFEDFB36B143BADBB34DBB36506 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&MUID=1AD58C6CE34F62101DB49DA6E29D63B2

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request spin-to-win-50k Show response
play.sweepstakesalerts.com/
Redirect Chain

https://clicks.swpstrack.com/c/cR5/us_7/Es22odfX5IgF5auTT-XMdy/W/ctEXc/F/2e28ea19
https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=...

66 KB
25 KB

426ms
187ms

Document
text/html

34.233.65.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.65.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-65-53.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c9c083f26202296edc3b4268bb67ab12399952f5ee404c7e476e741732cea0f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Jun 2022 00:58:36 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private
content-length: 697
content-type: text/html; charset=utf-8
date: Tue, 21 Jun 2022 00:58:36 GMT
location: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=

GET
H2 200 / Show response
play.sweepstakesalerts.com/members/ 0
439 B 113ms
112ms XHR
text/html 34.233.65.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/members/?md5=dd9e71878f3068537d55941bc7e78f54

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.65.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-65-53.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
vary: Cookie
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4LBlVRVRYSTEFYUhEXC0VSFAM8D1UPWgdKGhgCH1UXUQFVBFNUAABVVFsNCwhcV1UFHRpXSBNTUgNRVgQDUFxbCQAGBFZVG01XAF8RAWs=
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
74 KB 93ms
45ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0b7911e0c5d0eb5e2e61bda2048316ec32de2ea5f4b1f654a1a58732dc44226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74763
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Jun 2022 00:58:37 GMT

GET
H2 200 34a85a69b16a.css
cdn.play.sweepstakesalerts.com/static/css/ 34 KB
8 KB 82ms
22ms Stylesheet
text/css 143.204.89.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 02:46:15 GMT
content-encoding: gzip
last-modified: Wed, 22 May 2019 15:19:27 GMT
server: AmazonS3
age: 339143
etag: "977751e0bba21d85af41821971fcff8f"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7673
x-amz-cf-id: dexUWdtfxsGy4uJTCSpAqfa_piqXewc3chZe5NqiHmaUABfnL4X-Ow==

GET
H2 200 dark-bg.jpg
cdn.sweepstakesalerts.com/images/2021/06/21/ 171 KB
172 KB 89ms
25ms Image
image/jpeg 18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2021/06/21/dark-bg.jpg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 274f76ec4a8353e03709b939357570efb824f07212c81c56fa5272a8ea27da83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 18:20:20 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 15:53:55 GMT
server: AmazonS3
age: 110298
etag: "6302b713d1f51efa00f898c529ec092f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 175523
x-amz-cf-id: dgp9izfrPx6yyKn0mP7QEubVO2KmIYfHzLn8b4ZLCmh-osdv6Wjxpg==

GET
H2 200 wpsmain.js Show response
sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/ 31 KB
7 KB 129ms
22ms Script
application/javascript 138.199.37.229
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-37-229.datapacket.com

Software

BunnyCDN-DE1-865 /

Resource Hash

f8fbc949098a7fe3568da9f4b7d1239175370dfec7e876761b2011b5d11a0b53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-cachedat: 06/05/2022 20:00:36
cdn-pullzone: 644701
server: BunnyCDN-DE1-865
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
cache-control: public, max-age=2592000
cdn-requestid: ff7f59530735b1bc5289dffab5934778
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0c1ef8eb68bf.js Show response
cdn.play.sweepstakesalerts.com/static/js/ 99 KB
35 KB 445ms
407ms Script
application/javascript 143.204.89.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/0c1ef8eb68bf.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:38 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 16:05:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "0f60a24d65cb9143289f788221acedb4"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34936
x-amz-cf-id: RP9zAxAYZo993s_WwoonwAWzgmcoRqlMfmB3oOK1ZpQunXmjxDiHwA==

GET
H2 200 vue.min.js Show response
cdn.play.sweepstakesalerts.com/static/js/js-toolset/ 91 KB
34 KB 64ms
26ms Script
application/javascript 143.204.89.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/js-toolset/vue.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 18:24:46 GMT
content-encoding: gzip
last-modified: Thu, 03 Oct 2019 20:49:48 GMT
server: AmazonS3
age: 369232
etag: "4bd32d91f96446a41b803d8184d890fa"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 34096
x-amz-cf-id: CYaZ5FYkhpDVmRdRxozCBstEMvlCK4n2E3cB-uQgqBUHIgUFQfAa-g==

GET
H2 200 js-toolset.min.js Show response
potatojs.com/js/1.2/ 259 KB
86 KB 115ms
24ms Script
application/javascript 2600:9000:2156:1800:5:c56e:3a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://potatojs.com/js/1.2/js-toolset.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:5:c56e:3a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4f961769b9b742af0d30b55f904d6ee625162f06fa2073270f3a0c0261dc872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: .eOq1_9bAM61ub7Ddl8T367Eb_b2jk9p
content-encoding: gzip
last-modified: Fri, 21 Aug 2020 18:21:14 GMT
server: AmazonS3
age: 47716
etag: W/"b7eceb6cc9ab645b8251c818fae615e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date: Mon, 20 Jun 2022 11:43:22 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kXrO_w1iWCrFzl0dvcOcxsjmqPSzBO7z1iMTK6WMNLAgG2PqfqDhcQ==

GET
H2 200 v-mask.js Show response
cdn.play.sweepstakesalerts.com/static/js/js-toolset/ 13 KB
4 KB 80ms
43ms Script
application/javascript 143.204.89.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/js-toolset/v-mask.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 148eac2ff26a5101d654d67a90d060691aac836a35e54c8343289d0091d6e1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 02:54:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 13:46:29 GMT
server: AmazonS3
age: 338635
etag: "7f036776f185f3043768b8736626652d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3656
x-amz-cf-id: bjnMIZwpndt1K4KEjN9pL8JmJ5X7WQKyuKM0zCQWsXLRsItf5TFvsA==

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 71ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2352788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jogfOjsnueV88eloYFGMHeo4%2FaGAFJQmcs%2Flj3mBxkhiGOf%2BkBdQ%2F7a%2BvznWz1QETiJ7OkNpK94y0xIv64rn1e7IxJ3q7vB3pTMVeNPCPVU%2FlDJNPX5ASGgVqRyB52%2B2hDhZPlqwPB%2BIMIqw1odHFwbf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71e8cbfdbb94912b-FRA
expires: Sun, 11 Jun 2023 00:58:37 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 82ms
33ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

159e8b1529b80f9684f7ebbf65e8f894043f2ade2df31e257a498220ef585582

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Tue, 21 Jun 2022 00:58:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 81ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: cdn.play.sweepstakesalerts.com
URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:32:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 21 Jun 2022 00:58:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Jun 2022 00:58:37 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 124 KB
44 KB 87ms
38ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W6DW6GG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af5bd4fb7e1da72767d8a204d61ed6029f93036174daec0d492d83da2dd4ee61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44642
x-xss-protection: 0
expires: Tue, 21 Jun 2022 00:58:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 570
date: Tue, 21 Jun 2022 00:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 21 Jun 2022 02:49:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 99ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DD2FB6BDAD847318EF8CD5940A405EE Ref B: FRAEDGE1213 Ref C: 2022-06-21T00:58:37Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 21 Jun 2022 00:58:36 GMT
accept-ranges: bytes
content-length: 11374

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 102ms
21ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 28 Jun 2022 00:58:37 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1163270/ 55 KB
17 KB 290ms
243ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05723f4d608b0e50fdaabb2e3cb2cbf35941316a8a0cf1d2403389c786f0922a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: I.EZVGJqf0XLlihbrQWz5UBpS9Xu5P2b
content-encoding: gzip
etag: "f8f24f9da00d74c12b05196afe55e4e4"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17391
x-amz-id-2: 8fo9ELs1W/o/ymYXU3AJKp6v6zhoP8z4k5p6SfW+QODVn1YdsctVFwpQhsALvJsgigBlXtXs5+w=
x-served-by: cache-hhn4059-HHN
last-modified: Sun, 19 Jun 2022 11:06:40 GMT
server: AmazonS3
x-timer: S1655773117.227895,VS0,VE201
date: Tue, 21 Jun 2022 00:58:37 GMT
vary: Accept-Encoding
x-amz-request-id: 82BZAT7Z3ZSP7ZEN
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 14
x-cache-hits: 1

GET
H2 200 a-01nn.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 84ms
25ms Script
application/javascript 2600:9000:224a:a000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01nn.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:a000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9f35bbbae3b065c10a0f6d1b82e02ca1762990ba7f8a3deaed83e38d9eacc45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:21:53 GMT
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
age: 63404
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: 7UF3TTDQNSTLiUJJNfK61hV-nLkUx-a0CVslaita8gPP25QRAzDigw==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
644 B 191ms
28ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=84770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9df8228ed8f7780a3c9d2969d769304f3644a2f05361ad62969133f0e8905a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 21042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 75ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 43352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 91ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 576775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:45:42 GMT

GET
H2 200 26042910.js Show response
bat.bing.com/p/action/ 219 B
493 B 267ms
266ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26042910.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

25bccf6cce776230888ad96366ff1ad028b1a9390f82d00f279a791fe743cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF3876F7789C41D59DC6CB8F30763490 Ref B: FRAEDGE1213 Ref C: 2022-06-21T00:58:37Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Tue, 21 Jun 2022 00:58:37 GMT
content-length: 300

POST
H2 200 rl Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
129 B 343ms
109ms Fetch
application/json 2600:1f18:136:3d02:1f47:bad9:4e37:4fe3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/rl

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:1f47:bad9:4e37:4fe3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 21 Jun 2022 00:58:37 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
187 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1872008003&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=182479413&gjid=1744621060&cid=1072776200.1655773117&tid=UA-46324972-3&_gid=1905826748.1655773117&_r=1&gtm=2wg6f0P7FW2V8&cd3=871&cd4=&cd7=tagbert.com&cd8=dd9e71878f3068537d55941bc7e78f54&cd11=66822&cd12=107491&z=1002112122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-KgfKnLKEydhQX.js Show response
rules.quantcount.com/ 663 B
1 KB 515ms
458ms Script
application/javascript 2600:9000:2156:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-KgfKnLKEydhQX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:38 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 663
last-modified: Wed, 09 Oct 2019 21:46:18 GMT
server: AmazonS3
etag: "24bfe90597a01d37400814a2e514eed3"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: a0RaME4ziOrCat3zjrXySe08JGcXKirsKiYH5iXiQCMmWffONwb6PQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 86ms
29ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46324972-3&cid=1072776200.1655773117&jid=182479413&gjid=1744621060&_gid=1905826748.1655773117&_u=aEBAAEAAQAAAAC~&z=595244957

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Jun 2022 00:58:37 GMT
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1872008003&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=See%20Push%20Optin&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1072776200.1655773117&tid=UA-46324972-3&_gid=1905826748.1655773117&gtm=2wg6f0P7FW2V8&cd3=871&cd4=&cd7=tagbert.com&cd8=dd9e71878f3068537d55941bc7e78f54&cd11=66822&cd12=107491&z=1859244505

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 12:27:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45060
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 197ms
92ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=84770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Jun 2022 00:58:37 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D...
https://rp4.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3...

13 B
554 B

425ms
107ms

XHR
application/json

52.4.135.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true

Requested by

Protocol

Server

52.4.135.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-135-4.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:38 GMT
x-pixel-event-id: 6ddb126b-623d-4f4b-b774-e30d18dc649f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: f585be391b9be109
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Tue, 21 Jun 2022 00:58:37 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1655773117368&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9&tna=v2.3.1&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://play.sweepstakesalerts.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 740532020f8d7f33
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 83ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46324972-3&cid=1072776200.1655773117&jid=182479413&_u=aEBAAEAAQAAAAC~&z=1771256153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 91ms
33ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46324972-3&cid=1072776200.1655773117&jid=182479413&_u=aEBAAEAAQAAAAC~&z=1771256153

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 179ms
110ms Fetch
application/json 2600:1f18:136:3d02:1f47:bad9:4e37:4fe3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/p

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:1f47:bad9:4e37:4fe3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 21 Jun 2022 00:58:37 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

POST
H2 200 pc Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 175ms
109ms Fetch
application/json 2600:1f18:136:3d02:1f47:bad9:4e37:4fe3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/pc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:1f47:bad9:4e37:4fe3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 21 Jun 2022 00:58:37 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H2 200 json Show response
trc.taboola.com/1163270/trc/3/ 2 KB
1 KB 49ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1163270/trc/3/json?tim=1655773117485&data=%7B%22id%22%3A694%2C%22ii%22%3A%22%2Fspin-to-win-50k%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1655773117463%2C%22cv%22%3A%2220220619-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbuzzery-sweepstakes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1655773117483%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffbb8f7bb87fc71c06d8c6fe1a7cd3f0958b03be0d116fd77f2a3ea80a722189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: gzip
server: nginx
x-timer: S1655773118.508826,VS0,VE19
x-served-by: cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://play.sweepstakesalerts.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 18:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 18:59:24 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 65ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 29932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 16:39:45 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1872008003&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=Pre-Pop%20&el=Single%20Step%20Form&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1072776200.1655773117&tid=UA-46324972-3&_gid=1905826748.1655773117&gtm=2wg6f0P7FW2V8&cd3=871&cd4=&cd7=tagbert.com&cd8=dd9e71878f3068537d55941bc7e78f54&cd11=66822&cd12=107491&z=1140780259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 12:27:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45060
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1872008003&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=Viewed%20&el=Single%20Step%20Form&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1072776200.1655773117&tid=UA-46324972-3&_gid=1905826748.1655773117&gtm=2wg6f0P7FW2V8&cd3=871&cd4=&cd7=tagbert.com&cd8=dd9e71878f3068537d55941bc7e78f54&cd11=66822&cd12=107491&z=289429641

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 12:27:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45060
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dark-bg.jpg
cdn.sweepstakesalerts.com/images/2021/06/21/ 171 KB
172 KB 22ms
22ms Image
image/jpeg 18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2021/06/21/dark-bg.jpg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 274f76ec4a8353e03709b939357570efb824f07212c81c56fa5272a8ea27da83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 18:20:20 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 15:53:55 GMT
server: AmazonS3
age: 110298
etag: "6302b713d1f51efa00f898c529ec092f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 175523
x-amz-cf-id: tmOwwiEv-k1KksbJUApUXVwNqKVj0O3_wpEPs3bgwz_u_xXfrE3Pkg==

GET
H2 200 logo-sweepstakesalerts-white.svg
cdn.play.sweepstakesalerts.com/static/img/ 29 KB
12 KB 22ms
21ms Image
image/svg+xml 143.204.89.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/logo-sweepstakesalerts-white.svg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 01:22:45 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
age: 344152
etag: "e4a2eb296ca372f408d8900e1adafe1e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11443
x-amz-cf-id: QepUhc73ddod9xpf92F-KhF1fQGeORERTZFh0YqTmqhmJuQS317-pw==

GET
H2 200 50k.png
cdn.sweepstakesalerts.com/images/2021/06/21/ 126 KB
126 KB 37ms
37ms Image
image/png 18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2021/06/21/50k.png
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01d530b7bea0908d9ccb3c8850370d3af509b62aa6c0acca543cc8d12d945b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 13:13:30 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 15:53:53 GMT
server: AmazonS3
age: 301508
etag: "e35d8d5dd6599e32266629efef7acab1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 128629
x-amz-cf-id: 8SouEPgZVykylIdJAlyiv-BfSI4kjDUj1BYNLPVxjiUCLHuWFSrh0A==

GET
H2 200 cross_storage Show response
pbsw.pushy.ai/wps/ Frame 5875 2 KB
1 KB 78ms
22ms Document
text/html 138.199.37.229
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://pbsw.pushy.ai/wps/cross_storage
Requested by: Host: sw.pushy.ai
URL: https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-229.datapacket.com
Software: BunnyCDN-DE1-865 /
Resource Hash: 815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 06/05/2022 18:39:36
cdn-edgestorageid: 601
cdn-proxyver: 1.02
cdn-pullzone: 644701
cdn-requestcountrycode: DE
cdn-requestid: cec39504f09101190a56ba2714af39b9
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Jun 2022 00:58:37 GMT
server: BunnyCDN-DE1-865
vary: Accept-Encoding

GET
H2 200 / Show response
play.sweepstakesalerts.com/session/ 0
534 B 116ms
116ms XHR
text/html 34.233.65.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/session/?ga_client_id=1072776200.1655773117

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.65.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-65-53.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
vary: Cookie
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4AFlZdVQgSTEFYUhEXC0VSFAM8EVURSwtXVhYeA0kJTwFRBFtcBQNVUFIKAgJVVFoFHRpXSBMOB1JWUlIAAQ0BCQtQVAIHG01XAF8RAWs=
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
176 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26042910&tm=gtm002&Ver=2&mid=035a3615-9e97-4205-bd92-389c3d27a1b2&sid=488d71e0f0fd11ecb79539079f9e1fa2&vid=488da5c0f0fd11ecbd9d67676732af4a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Win%2050000%20Today&p=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D&r=&lt=1623&evt=pageLoad&msclkid=N&sv=1&rn=854148

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4669B1E09E848CEAEE84E8B28DE3C6E Ref B: FRAEDGE1213 Ref C: 2022-06-21T00:58:37Z
date: Tue, 21 Jun 2022 00:58:37 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26042910 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 316ms
188ms Script
application/x-javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26042910
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26042910.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c93b335840961470ef9c848c901d3500e6fc5844d071ec03060efb19c79b75e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
x-powered-by: ASP.NET
x-azure-ref: 0vRexYgAAAADzKRMkAyqLRJtwoo8Y7+wVQVRIMDFFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 14A9 15 KB
6 KB 227ms
35ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Jun 2022 00:58:37 GMT
server-processing-duration-in-ticks: 2284
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 91E8 41 KB
21 KB 57ms
57ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=pl6iutv7lnmq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ee9025bb8b37d215197fe73c8b9ebfbb21634edd711a9b47138f97849bf373a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vlCUYbFbUZF77Vcf77eyOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21895
content-security-policy: script-src 'report-sample' 'nonce-vlCUYbFbUZF77Vcf77eyOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Jun 2022 00:58:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 91E8 51 KB
24 KB 65ms
21ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=pl6iutv7lnmq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 20:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 20:21:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 91E8 366 KB
145 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 18:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 18:59:24 GMT

GET
H2 200 pixel;r=96628695;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastna...
pixel.quantserve.com/ 35 B
371 B 44ms
25ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=96628695;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D;uht=2;fpan=1;fpa=P0-938027122-1655773117804;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=sweepstakesalerts.com;je=0;sr=1600x1200x24;dst=0;et=1655773117804;tzo=0;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 14A9
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3lhn7nxCU3NnREE5bG80MmhXTkJLUWh4RmRIZ3hmZnpHa1N2bVFwSGFMUGVnZnNFQ0VuYThGSkRqbGNzdlJjWW5TcGtDM2x1MHNLZU5Gb2pLYW9LdVVVZnRaUzR2T1R6dmNvQXN3Yk83dHZyOU9kV2VIbk1OaXRZdW56bn...

452 B
653 B

359ms
36ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3lhn7nxCU3NnREE5bG80MmhXTkJLUWh4RmRIZ3hmZnpHa1N2bVFwSGFMUGVnZnNFQ0VuYThGSkRqbGNzdlJjWW5TcGtDM2x1MHNLZU5Gb2pLYW9LdVVVZnRaUzR2T1R6dmNvQXN3Yk83dHZyOU9kV2VIbk1OaXRZdW56bndoZlpFNnp1NTh3eXpSMjFBdkRoQnE2eGlNOEdiYk1IeHN6UDdIbnlYdW9DaVhjNWE3VTU0bE8rUVJaUEZzU2xmM3oxcFU0bVBnWTF5eHNSTDE1bFNPUHVieWNKMlZQVHU3aVpad0Zjd3RpM005bmZuSnlUdC9yL3A4OWtWdHlmZ0FmbXB2QnVGY2dPeldhWk0vQXhSMFZ1cGtNU2JFdXVhZ3NpR0pzWjd3ZEwrbzl5WEV3bz18&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

83e8964f417c7c37d41d137d74e554d14882ee534524f323c04518026f16e445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5626
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=3lhn7nxCU3NnREE5bG80MmhXTkJLUWh4RmRIZ3hmZnpHa1N2bVFwSGFMUGVnZnNFQ0VuYThGSkRqbGNzdlJjWW5TcGtDM2x1MHNLZU5Gb2pLYW9LdVVVZnRaUzR2T1R6dmNvQXN3Yk83dHZyOU9kV2VIbk1OaXRZdW56bndoZlpFNnp1NTh3eXpSMjFBdkRoQnE2eGlNOEdiYk1IeHN6UDdIbnlYdW9DaVhjNWE3VTU0bE8rUVJaUEZzU2xmM3oxcFU0bVBnWTF5eHNSTDE1bFNPUHVieWNKMlZQVHU3aVpad0Zjd3RpM005bmZuSnlUdC9yL3A4OWtWdHlmZ0FmbXB2QnVGY2dPeldhWk0vQXhSMFZ1cGtNU2JFdXVhZ3NpR0pzWjd3ZEwrbzl5WEV3bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1162
content-length: 567
expires: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 91E8 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 364708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Jun 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 91E8 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 546716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 91E8 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 576600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:48:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 91E8 102 B
132 B 28ms
28ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=pl6iutv7lnmq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Tue, 21 Jun 2022 00:58:37 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.34/ 53 KB
23 KB 184ms
184ms Script
application/javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26042910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:58:37 GMT
content-encoding: br
etag: "1d880d11ff3a854"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0vhexYgAAAABLg1/qGVxnSavDqVbHEWuaQVRIMDFFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 73ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: DQXVECYYH26T8XA2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: eALUuukJzB4ucStWKbHKE0iJ4pHw1jEWf2JkWgG6tOJtELdAqipD0ZP+vGohR4HC654nDcLzXqg=
x-served-by: cache-hhn4020-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1655773118.286167,VS0,VE0
date: Tue, 21 Jun 2022 00:58:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 67

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&RedC=c.clarity.ms&MXFR=2BE3AAFEDFB36B143BADBB34DBB36506
https://c.clarity.ms/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&MUID=1AD58C6CE34F62101DB49DA6E29D63B2

42 B
368 B

42ms
42ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&MUID=1AD58C6CE34F62101DB49DA6E29D63B2
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 21 Jun 2022 00:58:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 62016857F3DF433DB835FDBFEDD1091F Ref B: FRAEDGE1213 Ref C: 2022-06-21T00:58:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8A6C4FD6565C4D5BB5C9ED36F134A3FE&MUID=1AD58C6CE34F62101DB49DA6E29D63B2
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK cf1f842459 Show response
bam.nr-data.net/1/ 49 B
725 B 280ms
230ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf1f842459?a=78107916&v=1216.487a282&to=Y1ZQYkRTW0BRWkRQWFocdENYUUFaX1cfTlJWQFtCUxxDWlVOQwNUVUdRXmlTWV9vTEJVRA%3D%3D&rst=2306&ck=1&ref=https://play.sweepstakesalerts.com/spin-to-win-50k&ap=79&be=970&fe=2226&dc=1607&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1655773115997,%22n%22:0,%22f%22:427,%22dn%22:428,%22dne%22:446,%22c%22:446,%22s%22:552,%22ce%22:665,%22rq%22:666,%22rp%22:853,%22rpe%22:961,%22dl%22:863,%22di%22:1607,%22ds%22:1607,%22de%22:1623,%22dc%22:2226,%22l%22:2226,%22le%22:2230%7D,%22navigation%22:%7B%7D%7D&fp=1018&fcp=1606&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 00:58:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 71e8cc05ce769034-FRA

POST
H2 204 collect Show response
e.clarity.ms/ 0
182 B 351ms
111ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Tue, 21 Jun 2022 00:58:38 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
254 B 107ms
27ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=1646&scd=100&ssd=1&est=1655773117473&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1655773119122&vi=1655773117463&ri=cb7ac7969dee3bc239e34ccbef01d87e&ref=null&cv=20220619-3-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Tue, 21 Jun 2022 00:58:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 108ms
108ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Tue, 21 Jun 2022 00:58:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
253 B 28ms
28ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=4649&scd=100&ssd=1&est=1655773117473&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1655773122126&vi=1655773117463&ri=cb7ac7969dee3bc239e34ccbef01d87e&ref=null&cv=20220619-3-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dnamirid461%2540tagbert.com%26firstname%3D%26lastname%3D%26e%3Ddd9e71878f3068537d55941bc7e78f54%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE%26utm_campaign%3Dnewsletter%26affid%3D1659%26campaignid%3D10199%26message_id%3D66822%26message_version_id%3D107491%26aff_sub%3D1685%26aff_sub2%3D66822%26aff_sub3%3D%26aff_sub4%3D675%26aff_sub5%3D107491%26aff_unique3%3D10199%26aff_unique5%3Ddd9e71878f3068537d55941bc7e78f54%26source%3DOther%26adgroup_id%3D1685%26gender%3D%26age%3D
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Tue, 21 Jun 2022 00:58:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 109ms
108ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=namirid461%40tagbert.com&firstname=&lastname=&e=dd9e71878f3068537d55941bc7e78f54&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE&utm_campaign=newsletter&affid=1659&campaignid=10199&message_id=66822&message_version_id=107491&aff_sub=1685&aff_sub2=66822&aff_sub3=&aff_sub4=675&aff_sub5=107491&aff_unique3=10199&aff_unique5=dd9e71878f3068537d55941bc7e78f54&source=Other&adgroup_id=1685&gender=&age=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Tue, 21 Jun 2022 00:58:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clicks.swpstrack.com/	1969-12-31 23:59:59	Name: TEMP_DATA Value: ffc03c5f-e445-4d1b-a4c0-7ab1f576235b
clicks.swpstrack.com/	1969-12-31 23:59:59	Name: esg1 Value: cR5/us_7/Es22odfX5IgF5auTT-XMdy/W/ctEXc/F/f1075465
play.sweepstakesalerts.com/	1970-01-20 04:16:22	Name: sessionid Value: 9c29oowfedn9mwiqunmpmxz0bg6a89ol
play.sweepstakesalerts.com/	1970-01-20 12:40:22	Name: csrftoken Value: U6E4TgHha2geNoZdUgKgW1ozyzevm7CokTpoFUKkUer38n7oHwU30nr9ACCFI2Oo
.sweepstakesalerts.com/	1970-01-20 06:05:49	Name: _gcl_au Value: 1.1.1201751872.1655773117
.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sweepstakesalerts.com
.sweepstakesalerts.com/	1970-01-20 21:27:25	Name: _lc2_fpi Value: b5db4fe28af0--01g61w9et39qzbny08fz9w4nj9
.bing.com/	1970-01-20 13:17:49	Name: MUID Value: 1AD58C6CE34F62101DB49DA6E29D63B2
.sweepstakesalerts.com/	1970-01-20 21:27:25	Name: _ga Value: GA1.2.1072776200.1655773117
.sweepstakesalerts.com/	1970-01-20 03:57:39	Name: _gid Value: GA1.2.1905826748.1655773117
.sweepstakesalerts.com/	1970-01-20 03:56:13	Name: _gat_UA-46324972-3 Value: 1
.sweepstakesalerts.com/	1970-01-20 03:57:39	Name: _uetsid Value: 488d71e0f0fd11ecb79539079f9e1fa2
.sweepstakesalerts.com/	1970-01-20 13:17:49	Name: _uetvid Value: 488da5c0f0fd11ecbd9d67676732af4a
.liadm.com/	1970-01-20 21:27:25	Name: lidid Value: 0f657614-a076-4659-a0ce-889783fa1685
.quantserve.com/	1970-01-20 13:26:27	Name: mc Value: 62b117bd-cca58-d1ba8-9aa0b
.sweepstakesalerts.com/	1970-01-20 13:20:41	Name: __qca Value: P0-938027122-1655773117804
.criteo.com/	1970-01-20 13:17:49	Name: uid Value: 671ca7f2-d43a-4fc5-b8ea-cb417ef3f8dc
www.clarity.ms/	1970-01-20 12:41:49	Name: CLID Value: b57cac9e857d46eea6483066c6cc6a5b.20220621.20230621
.sweepstakesalerts.com/	1970-01-20 12:41:49	Name: _clck Value: n3tmhu\|1\|f2i\|0
.sweepstakesalerts.com/	1970-01-20 13:25:37	Name: cto_bundle Value: tMJVol9wZzVyJTJCUVY4ZGJ6eEgzSlFMWnR3ZTklMkZqdGRxaWtzcWlvOTNCR1Nid3N6eGFpOXQ2SFFlb3ZYWDZvOGZNbFE2QjQ3dFphV28xTUJYZTUwMHZvRXpyc2ZWTVNkUXlYQVRQOUZub2lIaUttdjFmM3NaY21vbmtEQkpkRzRwN3MlMkJTZzFRa082cklkT2FOUkcwb2I2NTR4eHFKS3p0YW9ZcG5KU092MGoza241SzglM0Q
.c.bing.com/	1970-01-20 13:17:49	Name: SRM_B Value: 1AD58C6CE34F62101DB49DA6E29D63B2
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:17:49	Name: MUID Value: 1AD58C6CE34F62101DB49DA6E29D63B2
.c.clarity.ms/	1970-01-20 03:56:13	Name: ANONCHK Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c79e9a1d0ae81810
.sweepstakesalerts.com/	1970-01-20 03:57:39	Name: _clsk Value: 1ly2z0l\|1655773118665\|1\|1\|e.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushy.ai
b-code.liadm.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.play.sweepstakesalerts.com
cdn.sweepstakesalerts.com
cdn.taboola.com
cdnjs.cloudflare.com
clicks.swpstrack.com
dynamic.criteo.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
js-agent.newrelic.com
mug.criteo.com
pbsw.pushy.ai
pixel.quantserve.com
play.sweepstakesalerts.com
potatojs.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
secure.quantserve.com
static.criteo.net
stats.g.doubleclick.net
sw.pushy.ai
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
138.199.37.229
141.226.228.48
143.204.89.115
151.101.193.44
151.101.2.137
162.247.241.14
178.250.0.157
178.250.2.140
18.66.112.102
20.234.93.27
20.62.48.180
2600:1f18:136:3d02:1f47:bad9:4e37:4fe3
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:2156:1800:5:c56e:3a00:93a1
2600:9000:2156:3800:6:44e3:f8c0:93a1
2600:9000:224a:a000:8:8845:1500:93a1
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:27::cafe:1734
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a02:2638::1c
34.233.65.53
52.4.135.4
91.199.51.233
01d530b7bea0908d9ccb3c8850370d3af509b62aa6c0acca543cc8d12d945b8f
05723f4d608b0e50fdaabb2e3cb2cbf35941316a8a0cf1d2403389c786f0922a
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
148eac2ff26a5101d654d67a90d060691aac836a35e54c8343289d0091d6e1f0
159e8b1529b80f9684f7ebbf65e8f894043f2ade2df31e257a498220ef585582
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ee9025bb8b37d215197fe73c8b9ebfbb21634edd711a9b47138f97849bf373a
244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b
25bccf6cce776230888ad96366ff1ad028b1a9390f82d00f279a791fe743cda0
274f76ec4a8353e03709b939357570efb824f07212c81c56fa5272a8ea27da83
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e8964f417c7c37d41d137d74e554d14882ee534524f323c04518026f16e445
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f35bbbae3b065c10a0f6d1b82e02ca1762990ba7f8a3deaed83e38d9eacc45d
a0b7911e0c5d0eb5e2e61bda2048316ec32de2ea5f4b1f654a1a58732dc44226
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
af5bd4fb7e1da72767d8a204d61ed6029f93036174daec0d492d83da2dd4ee61
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685
c93b335840961470ef9c848c901d3500e6fc5844d071ec03060efb19c79b75e4
c9c083f26202296edc3b4268bb67ab12399952f5ee404c7e476e741732cea0f6
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4f961769b9b742af0d30b55f904d6ee625162f06fa2073270f3a0c0261dc872
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8fbc949098a7fe3568da9f4b7d1239175370dfec7e876761b2011b5d11a0b53
f9df8228ed8f7780a3c9d2969d769304f3644a2f05361ad62969133f0e8905a8
ffbb8f7bb87fc71c06d8c6fe1a7cd3f0958b03be0d116fd77f2a3ea80a722189

play.sweepstakesalerts.com Open in urlscan Pro 34.233.65.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

58 %IPv6

22 Domains

37 Subdomains

31 IPs

7 Countries

1375 kBTransfer

2728 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

play.sweepstakesalerts.com Open in urlscan Pro
34.233.65.53 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

58 %
IPv6

22
Domains

37
Subdomains

31
IPs

7
Countries

1375 kB
Transfer

2728 kB
Size

26
Cookies

66 HTTP transactions
0 data transactions