go.paycor.com Open in urlscan Pro
104.17.72.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.paycor.com/nfl-ticket-sweepstakes.html
Submission: On October 23 via manual (October 23rd 2024, 3:12:04 pm UTC) from US — Scanned from CA

Summary HTTP 182 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 72 IPs in 2 countries across 55 domains to perform 182 HTTP transactions. The main IP is 104.17.72.206, located in and belongs to CLOUDFLARENET, US. The main domain is go.paycor.com. The Cisco Umbrella rank of the primary domain is 114341.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 8th 2024. Valid for: 10 months.

This is the only time go.paycor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
6	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:29af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	69.192.29.241 69.192.29.241	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:1c0... 2600:141b:1c00:2588::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.238.49.70 18.238.49.70	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:33:2... 2620:1ec:33:2::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2600:141b:1c0... 2600:141b:1c00:6::17df:d10e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:400... 2a04:4e42:400::84	54113 (FASTLY) (FASTLY)
8	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
5	18.238.55.127 18.238.55.127	16509 (AMAZON-02) (AMAZON-02)
2	3.168.122.30 3.168.122.30	16509 (AMAZON-02) (AMAZON-02)
4	52.45.216.149 52.45.216.149	14618 (AMAZON-AES) (AMAZON-AES)
1	52.85.61.96 52.85.61.96	16509 (AMAZON-02) (AMAZON-02)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.173.219.88 18.173.219.88	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.124.2 18.164.124.2	16509 (AMAZON-02) (AMAZON-02)
2	34.210.202.206 34.210.202.206	16509 (AMAZON-02) (AMAZON-02)
1	52.2.105.52 52.2.105.52	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1 2	98.82.157.231 98.82.157.231	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
5	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 2	172.217.165.134 172.217.165.134	15169 (GOOGLE) (GOOGLE)
1	142.250.80.102 142.250.80.102	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 7	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.56.163.34 23.56.163.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f16:19a... 2600:1f16:19a4:102:edbb:8c6b:d27b:1918	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	13.226.94.12 13.226.94.12	16509 (AMAZON-02) (AMAZON-02)
2	13.226.34.111 13.226.34.111	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	52.71.121.170 52.71.121.170	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:1:7... 2600:1901:1:7c5::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
2 4	142.250.64.68 142.250.64.68	15169 (GOOGLE) (GOOGLE)
1	192.184.68.254 192.184.68.254	14618 (AMAZON-AES) (AMAZON-AES)
1	50.17.167.46 50.17.167.46	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:251... 2600:9000:2511:5400:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
1 2	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
2	18.116.104.186 18.116.104.186	16509 (AMAZON-02) (AMAZON-02)
2	35.81.173.170 35.81.173.170	16509 (AMAZON-02) (AMAZON-02)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	54.245.46.233 54.245.46.233	16509 (AMAZON-02) (AMAZON-02)
1 1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	54.92.238.32 54.92.238.32	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:ca00:1f:5843:a6c0:21	16509 (AMAZON-02) (AMAZON-02)
182	72

34 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:29af (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.29.241 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-29-241.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:2588::523 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-70.jfk52.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33:2::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:6::17df:d10e (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.238.55.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-127.jfk52.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.168.122.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-30.jfk52.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.45.216.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-216-149.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-96.ewr53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-88.jfk52.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-2.jfk50.r.cloudfront.net

visitor.technologyadvice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.202.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-202-206.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.105.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-105-52.compute-1.amazonaws.com

arttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

003-jww-697.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.157.231 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-231.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.165.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f6.1e100.net

9675597.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.130 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.163.34 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-34.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f16:19a4:102:edbb:8c6b:d27b:1918 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capig.paycor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.94.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-12.jfk52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.34.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-111.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.121.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-121-170.compute-1.amazonaws.com

52.71.121.170	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

link.technologyadvice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.68 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.254 (United States)

ASN14618 (AMAZON-AES, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.167.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-167-46.compute-1.amazonaws.com

pnapi.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:5400:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.2 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.116.104.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-104-186.us-east-2.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.173.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-173-170.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.245.46.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-46-233.us-west-2.compute.amazonaws.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.92.238.32 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-238-32.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:ca00:1f:5843:a6c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1p0q2ti3pe3kr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	paycor.com go.paycor.com — Cisco Umbrella Rank: 114341 capig.paycor.com — Cisco Umbrella Rank: 46122	384 KB
13	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 9675597.fls.doubleclick.net — Cisco Umbrella Rank: 137667 ad.doubleclick.net — Cisco Umbrella Rank: 150 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	6 KB
10	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2568 tracking.crazyegg.com — Cisco Umbrella Rank: 4786	225 KB
8	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 24554 obs.cheqzone.com — Cisco Umbrella Rank: 9626	42 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	509 KB
6	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 147 www.google.com — Cisco Umbrella Rank: 3	176 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 348	16 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	26 KB
5	google.ca www.google.ca — Cisco Umbrella Rank: 12143	319 B
5	driftt.com js.driftt.com — Cisco Umbrella Rank: 6590	71 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838	101 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 373 insight.adsrvr.org — Cisco Umbrella Rank: 945	2 KB
4	company-target.com s.company-target.com — Cisco Umbrella Rank: 1520 segments.company-target.com — Cisco Umbrella Rank: 1534 api.company-target.com — Cisco Umbrella Rank: 4087	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	3 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 9266	26 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 4802 px.mountain.com — Cisco Umbrella Rank: 5019 gs.mountain.com — Cisco Umbrella Rank: 9568	9 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2579	10 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	2 KB
3	technologyadvice.com visitor.technologyadvice.com — Cisco Umbrella Rank: 300580 link.technologyadvice.com — Cisco Umbrella Rank: 138979	2 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 345 s.amazon-adsystem.com — Cisco Umbrella Rank: 352	8 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1471 pixel.quantserve.com — Cisco Umbrella Rank: 1044 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 45226	11 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3657	8 KB
2	cloudfront.net d1p0q2ti3pe3kr.cloudfront.net	2 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	3 KB
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 3275	271 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 812	773 B
2	tvspix.com tvspix.com — Cisco Umbrella Rank: 11465	387 B
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8252	2 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5931 tag-logger.demandbase.com — Cisco Umbrella Rank: 5266	18 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 5767	40 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	150 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 982	25 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	118 KB
2	calendly.com assets.calendly.com — Cisco Umbrella Rank: 14136	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	19 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270	44 KB
1	steelhousemedia.com px.steelhousemedia.com — Cisco Umbrella Rank: 13137	319 B
1	invoca.net pnapi.invoca.net — Cisco Umbrella Rank: 6381	276 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13274	168 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1501	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	390 B
1	t.co t.co — Cisco Umbrella Rank: 859	628 B
1	mktoresp.com 003-jww-697.mktoresp.com — Cisco Umbrella Rank: 142385	318 B
1	arttrk.com arttrk.com — Cisco Umbrella Rank: 4993	131 B
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 37857	4 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3973	22 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4482	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2653	27 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
1	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18603	18 KB
0	okt.to Failed okt.to Failed
182	55

	Domain	Requested by
34	go.paycor.com	go.paycor.com
8	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
7	obs.cheqzone.com	ob.cheqzone.com go.paycor.com cdn.bizible.com
7	www.googletagmanager.com	go.paycor.com www.googletagmanager.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com go.paycor.com
6	cdnjs.cloudflare.com	go.paycor.com cdnjs.cloudflare.com
5	www.google.ca	go.paycor.com
5	td.doubleclick.net	www.googletagmanager.com
5	js.driftt.com	go.paycor.com js.driftt.com
4	www.google.com	2 redirects go.paycor.com
4	www.facebook.com	go.paycor.com
4	ct.pinterest.com	s.pinimg.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	cdn.bizible.com	go.paycor.com cdn.bizible.com
4	tags.srv.stackadapt.com	go.paycor.com tags.srv.stackadapt.com cdn.bizible.com
4	ka-f.fontawesome.com	kit.fontawesome.com go.paycor.com
3	dpm.demdex.net	2 redirects go.paycor.com
3	match.adsrvr.org	3 redirects
3	px.ads.linkedin.com	1 redirects snap.licdn.com cdn.bizible.com
3	munchkin.marketo.net	go.paycor.com munchkin.marketo.net www.googletagmanager.com
2	d1p0q2ti3pe3kr.cloudfront.net
2	px.mountain.com	dx.mountain.com px.mountain.com
2	tracking.crazyegg.com	script.crazyegg.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	link.technologyadvice.com	visitor.technologyadvice.com
2	pixels.spotify.com	cdn.pdst.fm
2	api.company-target.com	tag.demandbase.com js.driftt.com
2	id.rlcdn.com	2 redirects
2	capig.paycor.com	connect.facebook.net cdn.bizible.com
2	9675597.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	s.amazon-adsystem.com	1 redirects go.paycor.com
2	tvspix.com	go.paycor.com
2	tracking.g2crowd.com	go.paycor.com tracking.g2crowd.com
2	solutions.invocacdn.com	go.paycor.com solutions.invocacdn.com
2	connect.facebook.net	go.paycor.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	unpkg.com	1 redirects go.paycor.com
2	assets.calendly.com	go.paycor.com
2	cdn.jsdelivr.net	go.paycor.com
2	stackpath.bootstrapcdn.com	go.paycor.com
1	insight.adsrvr.org	1 redirects
1	px.steelhousemedia.com	go.paycor.com
1	gs.mountain.com	px.mountain.com
1	tag-logger.demandbase.com	cdn.bizible.com
1	pnapi.invoca.net	solutions.invocacdn.com
1	pixel-ssn.quantserve.com	go.paycor.com
1	pixel.quantserve.com	1 redirects
1	cdn.bizibly.com	go.paycor.com
1	segments.company-target.com	go.paycor.com
1	s.company-target.com	tag.demandbase.com
1	rules.quantcount.com	secure.quantserve.com
1	px4.ads.linkedin.com	go.paycor.com
1	ad.doubleclick.net	go.paycor.com
1	analytics.twitter.com	go.paycor.com
1	t.co	go.paycor.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	003-jww-697.mktoresp.com	munchkin.marketo.net
1	arttrk.com	go.paycor.com
1	visitor.technologyadvice.com	go.paycor.com
1	static.oktopost.com	go.paycor.com
1	cdn.pdst.fm	go.paycor.com
1	ws.zoominfo.com	go.paycor.com
1	dx.mountain.com	go.paycor.com
1	tag.demandbase.com	go.paycor.com
1	c.amazon-adsystem.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ob.cheqzone.com	www.googletagmanager.com
1	res.cloudinary.com	go.paycor.com
1	code.jquery.com	go.paycor.com
1	kit.fontawesome.com	go.paycor.com
1	client-registry.mutinycdn.com	go.paycor.com
0	okt.to Failed	static.oktopost.com
182	75

This site contains links to these domains. Also see Links.

Domain
www.paycor.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
go.paycor.com Cloudflare Inc ECC CA-3	`2024-03-08` - `2024-12-31`	10 months	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
calendly.com E5	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
*.cheqzone.com Amazon RSA 2048 M02	`2023-11-23` - `2024-12-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
script.crazyegg.com Cloudflare Inc ECC CA-3	`2024-08-02` - `2024-12-31`	5 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-01` - `2024-10-30`	3 months	crt.sh
drift.com Amazon RSA 2048 M03	`2024-07-30` - `2025-08-27`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-27` - `2025-09-28`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2024-05-23` - `2025-06-24`	a year	crt.sh
zoominfo.com E5	`2024-10-12` - `2025-01-10`	3 months	crt.sh
cdn.pdst.fm WR3	`2024-09-13` - `2024-12-12`	3 months	crt.sh
*.oktopost.com Amazon RSA 2048 M02	`2024-07-29` - `2025-08-28`	a year	crt.sh
g2crowd.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
visitor.technologyadvice.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-13`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2024-08-19` - `2025-09-17`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-15` - `2025-09-15`	a year	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.ca WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
capig.paycor.com Amazon RSA 2048 M03	`2024-08-14` - `2025-09-13`	a year	crt.sh
*.company-target.com R10	`2024-10-14` - `2025-01-12`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
52.71.121.170 Sectigo RSA Domain Validation Secure Server CA	`2024-01-24` - `2025-02-12`	a year	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
technologyadvice.com R10	`2024-10-10` - `2025-01-08`	3 months	crt.sh
invoca.net Amazon RSA 2048 M03	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-06-30` - `2025-07-30`	a year	crt.sh
*.googleadservices.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://go.paycor.com/nfl-ticket-sweepstakes.html
Frame ID: F87929D8C38D340F3F477DCB6E0B1B7F
Requests: 166 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.paycor.com
Frame ID: 62829DCCDC94E8C477247FB1D6E06FA3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-RL28C8SB39&gacid=872197903.1729696318&gtm=45je4ah0v889089799z872782260za200zb72782260&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101823847&z=118939148
Frame ID: 006D6E26A1AB457DF0C6F83B78FDBC48
Requests: 1 HTTP requests in this frame

Frame: https://9675597.fls.doubleclick.net/activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Frame ID: 77068C6673966A3F22100EFE3334EBF7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Frame ID: B34A835FBC9E3DD9FD3A4EDF0E4E4BA1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/977439273?random=1729696318615&cv=11&fst=1729696318615&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2z872782260za201zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 8ABA630ADF58C68BAFFD73C8D3F414EE
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 414C0DAEA08D5D9A4BB6572DFEC67823
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0063/4307/sampling/go.paycor.com.json?t=1
Frame ID: 9345429849F0876FDE5876DE7CFBADEE
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/944830538?random=1729696319303&cv=11&fst=1729696319303&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A86997049E39D1849F29A1B0D0C669A3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/944830538?random=1729696319355&cv=11&fst=1729696319355&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: 37BBE1586487A48590B38F15AC56B54E
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=z4ywmf9vceea&eId=z4ywmf9vceea&region=US&forceShow=false&skipCampaigns=false&sessionId=8094f043-8b87-46ee-823b-20d1a870d132&sessionStarted=1729696320.901&campaignRefreshToken=d417d0fc-0507-4618-a448-3a8b55d42da1&hideController=false&pageLoadStartTime=1729696317666&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Frame ID: D12437316A36ED478C87BE40F4830D1F
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729696317666
Frame ID: 7030CCD35C71AF5AC711C65F45111088
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 01C93C1C27F339C187F6453B523D52F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(2) New Messages!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

182
Requests

95 %
HTTPS

31 %
IPv6

55
Domains

75
Subdomains

72
IPs

2
Countries

2027 kB
Transfer

5571 kB
Size

80
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paycor.com/services-support/
Title: Looking for Customer Support?

Search URL Search Domain Scan URL

URL: https://www.paycor.com/resource-center/case-studies/cincinnati-bengals/
Title: Cincinnati Bengals

Search URL Search Domain Scan URL

URL: https://www.paycor.com/company/news-press/paycor-announced-as-the-official-human-resources-payroll-software-partner-of-the-miami-dolphins/
Title: Miami Dolphins

Search URL Search Domain Scan URL

URL: https://www.paycor.com/nfl-sweepstakes-terms-and-conditions/
Title: here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/paycor

Search URL Search Domain Scan URL

URL: https://twitter.com/paycorinc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/paycor

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Request Chain 87

https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369&dcc=t

Request Chain 97

https://9675597.fls.doubleclick.net/activityi;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html HTTP 302
https://9675597.fls.doubleclick.net/activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html

Request Chain 101

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&e_ipv6=AQIcCXEmqWYoKAAAAZK570UTNAq3WWEGSE6YoHWe5Wstx1VNFApUamscdqRnQ4n9S-z5cdLI

Request Chain 110

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCL6k5LgGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297vpLH7fAvvzfS5Cr1e-YANgfYrIH2vQAv9YU61mC5K9o

Request Chain 129

https://pixel.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=paycor.com;dst=1;et=1729696319015;tzo=420;ogl=;ses=22523007-fd4f-4610-a90d-145401d39f93;uht=2;fpan=1;fpa=P0-234378685-1729696318677;pbc=;cm=undefined;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=paycor.com;dst=1;et=1729696319015;tzo=420;ogl=;ses=22523007-fd4f-4610-a90d-145401d39f93;uht=2;fpan=1;fpa=P0-234378685-1729696318677;pbc=;cm=undefined;gdpr=0;mdl=;dip=96272948-1aa5-46cc-a21d-34d53159c31a

Request Chain 142

https://www.googleadservices.com/pagead/conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJm09eSkiQMVcQpoCB395C-qMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJm09eSkiQMVcQpoCB395C-qMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20v&is_vtc=1&cid=CAQSKQDpaXnfhioe2RHfogKUJOk2CVKeG-AomLgOkTozdxniQUh4I2JtXPCf&random=2694079061 HTTP 302
https://www.google.ca/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJm09eSkiQMVcQpoCB395C-qMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20v&is_vtc=1&cid=CAQSKQDpaXnfhioe2RHfogKUJOk2CVKeG-AomLgOkTozdxniQUh4I2JtXPCf&random=2694079061&ipr=y

Request Chain 157

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI7cq-9eSkiQMVyCdoCB0ENAqCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20vQlhDaEVJOEwzaXVBWVFxc0h4b1BpNTlabnlBUkl0QUlYRVI0YkVqOHFacG1DYW1MRUhVbFROYWswYTVPQXZqMXBDRGRVY0U0UlBRcURJbUZMVFJhanJVcUxm HTTP 302
https://www.google.com/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI7cq-9eSkiQMVyCdoCB0ENAqCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20vQlhDaEVJOEwzaXVBWVFxc0h4b1BpNTlabnlBUkl0QUlYRVI0YkVqOHFacG1DYW1MRUhVbFROYWswYTVPQXZqMXBDRGRVY0U0UlBRcURJbUZMVFJhanJVcUxm&is_vtc=1&cid=CAQSKQDpaXnfbu4q_GFFaBzMhVCr0F5NRYAb_CU9AddAr1P_sXtoDd2e3Nf0&random=4131367073 HTTP 302
https://www.google.ca/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI7cq-9eSkiQMVyCdoCB0ENAqCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20vQlhDaEVJOEwzaXVBWVFxc0h4b1BpNTlabnlBUkl0QUlYRVI0YkVqOHFacG1DYW1MRUhVbFROYWswYTVPQXZqMXBDRGRVY0U0UlBRcURJbUZMVFJhanJVcUxm&is_vtc=1&cid=CAQSKQDpaXnfbu4q_GFFaBzMhVCr0F5NRYAb_CU9AddAr1P_sXtoDd2e3Nf0&random=4131367073&ipr=y

Request Chain 165

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=2673daaf-9151-11ef-bc8e-15590d0e4dd9&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=2673daaf-9151-11ef-bc8e-15590d0e4dd9&gdpr=&gdpr_consent= HTTP 302
https://px.steelhousemedia.com/tdsync?tdid=f467de59-e4f8-4861-971e-78037a0bfdba&shguid=2673daaf-9151-11ef-bc8e-15590d0e4dd9

Request Chain 166

https://insight.adsrvr.org/track/evnt/?adv=tghvfxd&ct=0:czl5olp&fmt=3 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2c5faf07-a303-4313-8a68-c98de8340f97&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=2c5faf07-a303-4313-8a68-c98de8340f97&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=f467de59-e4f8-4861-971e-78037a0bfdba

182 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request nfl-ticket-sweepstakes.html Show response
go.paycor.com/ 82 KB
18 KB 158ms
68ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1619cd018fd734b52a030c05f18127a70c698b409a0207d4b71d93ca646690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: stale-while-revalidate=60, max-age=300, public
cf-cache-status: DYNAMIC
cf-ray: 8d72a9a10cd636a2-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 15:11:57 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-cache-status: HIT
x-content-type-options: nosniff
x-mkto-nginx-cache: true

GET
H2 200 3c0acc200eb5c35d.js Show response
client-registry.mutinycdn.com/personalize/client/ 55 KB
18 KB 75ms
18ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/3c0acc200eb5c35d.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78ea38b557e8d6b7de2441e3eaa054ec2db3fc5ad287cdb0f41bf16b85868838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "fd8ce9b6e4690a250ec63a140b6534ce"
x-amz-version-id: aoPRWOBG00iNoKVFC6hMcf7ys5aHqSdw
age: 996
access-control-allow-methods: GET, HEAD
x-cache: HIT
x-country-code: CA
date: Wed, 23 Oct 2024 15:11:57 GMT
last-modified: Wed, 23 Oct 2024 13:42:17 GMT
content-type: application/javascript
x-served-by: cache-yul1970080-YUL
x-cache-hits: 0
x-amz-id-2: TYcDja4C5KpOLD9tUDiM2rxa5JEzGCPPiySlgIByoPcZ5lioSzMbbnBsvDKVereN/rruPRg10HBCPhdlTcbw/N3GbfspGYqx
x-edge-datacenter: YUL
vary: X-Continent-Code, Accept-Encoding
cache-control: s-maxage=3600, max-age=0
x-continent-code: NA
x-connection-speed: broadband
via: 1.1 varnish
x-amz-request-id: ZF3V95KWRZJDBES8
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17465
x-edge-region: North-America
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
28 KB 87ms
43ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

cdn-status: 200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
age: 11337
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 12/12/2023 01:20:55
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 021044b363eef32502c2ae1bbcaedb8c
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d72a9a1ce16ab60-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1070
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 bootstrap-select.min.css
cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/css/ 11 KB
3 KB 72ms
16ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/css/bootstrap-select.min.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2b70-ygnBz6wOQ/YNsvCEV2jKpYOM7Ks"
age: 2283085
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230069-FRA, cache-yul1970029-YUL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2330
x-jsd-version: 1.13.14

GET
H2 200 contactTemplate.css
go.paycor.com/rs/003-JWW-697/images/ 16 KB
4 KB 106ms
102ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/rs/003-JWW-697/images/contactTemplate.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1861dda6c9144cd64df5c984f62504a586581e894f7d0ead33980d831c55dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: "1813c9-408a-623b1907b8932"
x-content-type-options: nosniff
cf-ray: 8d72a9a19d7f36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 3468
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css
last-modified: Sat, 05 Oct 2024 02:30:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
1 KB 76ms
36ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65999b42-28f"
age: 577093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpUbo6dAi7dQchXFbwLxIeDpgWw1DZWIIUhbJDKbADYDYGGCiXHlXxV8dOARew8tvcknVrdmj9VRv8Lw4Zk4YzMvIiO1MBv2QgzslFhqY0PEJfkSUaNJhusGdD4qKcaQy1CkyC6k"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 19:26:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a1cd17b400-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 655
server: cloudflare

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
1015 B 75ms
35ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65999b45-18a"
age: 1842959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45aBMucLkpQqyPYubCWhKGPTnswF3MvwsZHC0tXgLLEad6iexmM%2BW34Xfl5bvHeSvWfgyOc8iPzgWqxZgg0Tg5bT6K7qnseoICUYRJii7e0WWkGB6lR%2BuiQ9o%2FYXI6e3gb9gPdRe"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 19:26:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a1cd1ab400-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
server: cloudflare

GET
H2 200 49b7a41772.js Show response
kit.fontawesome.com/ 13 KB
5 KB 123ms
68ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/49b7a41772.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e740d16c9a7624cbed2ff505ef8f2fb3114ade3dcabc942638369e719df90557

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
x-request-id: F_9a2qh9g9MTN3ZQxhRh
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: REVALIDATED
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d72a9a1defca2e6-YUL
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 2 KB
1 KB 142ms
57ms Stylesheet
text/css 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26474ab34af92aa853fbf500ef24f7686f3be953699d92f7295e292205fd836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"37862f74b0570347dff098154957ac17"
age: 186
cf-bgj: minify
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 15:11:57 GMT
cf-polished: origSize=3469
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 22:38:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=300
cf-ray: 8d72a9a20d4da251-YUL
server: cloudflare

GET
H2 200 forms.js Show response
assets.calendly.com/assets/external/ 16 KB
5 KB 98ms
88ms Script
text/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/forms.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4498e72f4b8b58343fa475208a5e12460f989572785e65a84967809dc1ad34a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"5324259c13329efce5a6c898d2f38e4f"
age: 110
cf-bgj: minify
x-content-type-options: nosniff
cf-ray: 8d72a9a28dd1a251-YUL
expires: Thu, 24 Oct 2024 15:11:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 16:14:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 paycor_logo.svg
go.paycor.com/rs/003-JWW-697/images/ 6 KB
3 KB 133ms
131ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/paycor_logo.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18585ecbead42a4f77447d13d546e7d371a16f146ee43b715b080f17dddea098

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: EXPIRED
etag: W/"1813ca-19f6-623b1907ba0a2"
x-content-type-options: nosniff
cf-ray: 8d72a9a19d8136a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:30:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Call_logo.svg
go.paycor.com/rs/003-JWW-697/images/ 3 KB
2 KB 108ms
106ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/Call_logo.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f211356f06c6c42c98958af7b473d13278660f2e10e8cc9f38662d59d66bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: EXPIRED
etag: W/"1813cb-ccb-623b190815d62"
x-content-type-options: nosniff
cf-ray: 8d72a9a19d8236a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:30:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 forms2.min.js Show response
go.paycor.com/js/forms2/js/ 199 KB
66 KB 48ms
48ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/js/forms2/js/forms2.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0602c4fb1597b7e6e111fe79777e195cacbc73774fcaf233a7835b33372dceae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "300dcd-31b91-62370c030d900"
age: 1462
x-content-type-options: nosniff
cf-ray: 8d72a9a23e1f36a2-YYZ
expires: Wed, 23 Oct 2024 19:11:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 client-logo-desktop.png
go.paycor.com/rs/003-JWW-697/images/ 60 KB
60 KB 75ms
75ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/client-logo-desktop.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f778b73ea945fa41e3ee45577832dae9e6e5058f2c96799605c66fd10c5c9f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
etag: "183878-f0a9-624365f516c31"
x-content-type-options: nosniff
cf-ray: 8d72a9a26e4936a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 61609
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Fri, 11 Oct 2024 16:56:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 client-logo-tablet.png
go.paycor.com/rs/003-JWW-697/images/ 60 KB
60 KB 97ms
84ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/client-logo-tablet.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a633d1e78480ba635f17d5ea6826af8b1d9b80f7e7d626d517be1a8ffac0f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
etag: "1838a6-f0f7-624365f554491"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7436a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 61687
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Fri, 11 Oct 2024 16:56:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 client-logo-mobile.png
go.paycor.com/rs/003-JWW-697/images/ 22 KB
22 KB 85ms
77ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/client-logo-mobile.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d909479887b720688f6be9e77f2dea88b218ce9edb097e728d1d4856fe3b097a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813ce-5731-623b190871252"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7c36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 22321
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 detroit_zoo.png
go.paycor.com/rs/003-JWW-697/images/ 4 KB
4 KB 144ms
135ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/detroit_zoo.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15cd313c5ecb9116619a7c57f1e43c76e1b0df7a748ae7aa1eae1c1d3a69aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813cf-116d-623b1908c6d6b"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7d36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 4461
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pure.png
go.paycor.com/rs/003-JWW-697/images/ 2 KB
2 KB 88ms
80ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/pure.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745c7a224abb99d9337983ace6f8906c0619eaf7b4188db5a5a5b396036c1f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d1-7f2-623b19092d223"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7e36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 2034
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 seaway.png
go.paycor.com/rs/003-JWW-697/images/ 3 KB
3 KB 86ms
78ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/seaway.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bf572f97126e4e1871365b297eb9bc7910b490ec7dedfd9b55561660a2285f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d0-a1c-623b19092d223"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8136a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 2588
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 wendys.png
go.paycor.com/rs/003-JWW-697/images/ 2 KB
2 KB 128ms
121ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/wendys.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebb87cd2f94f39db9a15001137e53f794088d84a57e539bb6bf8c1b5e262f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d3-945-623b1909913b3"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8236a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 2373
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 two_men_and_a_truck.png
go.paycor.com/rs/003-JWW-697/images/ 4 KB
5 KB 97ms
89ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/two_men_and_a_truck.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21caabb4273b6f596a86b2a0c44d466efa5840c77d330a813ab6b3b308e5f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d2-11b2-623b190990fcb"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8536a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 4530
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 capterra-logo.png
go.paycor.com/rs/003-JWW-697/images/ 3 KB
3 KB 105ms
98ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/capterra-logo.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a9d3a26f43dcc3cb89fa0062853e3abc6f2130e1eab2814e0a9d53dd0d872fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d4-d1c-623b1909ec0d4"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8736a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 3356
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 capterra-stars.png
go.paycor.com/rs/003-JWW-697/images/ 1 KB
1 KB 77ms
70ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/capterra-stars.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97aa9812d19683036ac220ef2826b9635e3f489f5cf8da75e53580f65485943f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d5-55c-623b1909ec4bc"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8936a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 1372
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jenna-dalgety.png
go.paycor.com/rs/003-JWW-697/images/ 28 KB
28 KB 84ms
77ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/jenna-dalgety.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d632d7bc7799439a1e73ee45971d708d1feaf8c5dcc7e29a9c1ba9816b8cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d6-6ebe-623b190a48564"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8a36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 28350
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 laura-spradley.png
go.paycor.com/rs/003-JWW-697/images/ 25 KB
26 KB 78ms
71ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/laura-spradley.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b501016faf30130124b195792a33767001cc7de627921aef21ad80eea955473d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d7-65ce-623b190a4b444"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8b36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 26062
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 nancy-flippin.png
go.paycor.com/rs/003-JWW-697/images/ 29 KB
29 KB 84ms
78ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/nancy-flippin.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31864324cc1d9b0079f4dbe4c3c0b30e1d063e7081f7378a81741d5377a0d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d8-7232-623b190ab4fad"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8d36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 29234
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 amanda-d.png
go.paycor.com/rs/003-JWW-697/images/ 5 KB
5 KB 89ms
83ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/amanda-d.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075040fed49981c136cea722095d5b766881875b5d5a3ca4b11392af03a8db3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813d9-13fe-623b190ab8275"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8e36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 5118
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lina-m.png
go.paycor.com/rs/003-JWW-697/images/ 12 KB
12 KB 71ms
66ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/lina-m.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c5364e2b44f6b90096f49946c988e5fb4c890e580b38175106396a14497cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813db-2f1d-623b190b93645"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e8f36a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 12061
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lincoln-m.png
go.paycor.com/rs/003-JWW-697/images/ 10 KB
10 KB 84ms
79ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/lincoln-m.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1746e5c46bfb5a7cfafbb6746a00b34d3e4853c27e071a746e04cced60773357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813da-294c-623b190b9325d"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e9036a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 10572
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 facebook.svg
go.paycor.com/rs/003-JWW-697/images/ 2 KB
827 B 84ms
78ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/facebook.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ed6d9b8f22677990fced560a681264128f473c0544718e6508b8cc2503e6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1813a2-897-623b17ac593f4"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e9136a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:23:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 twitter_1.svg
go.paycor.com/rs/003-JWW-697/images/ 850 B
554 B 86ms
81ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/twitter_1.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1011c3d5e8068ea641a20964537fd633feb949d4beb05d9009ef1d95345f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1813dc-352-623b190c8da2e"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e9236a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:30:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 linkedin.svg
go.paycor.com/rs/003-JWW-697/images/ 655 B
485 B 76ms
71ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/linkedin.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1785189ae9e7a2caedc7181c14f17fd51fda9b29b0635be7f3099e4aed07a68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1813a6-28f-623b17acc17ec"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e9536a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:23:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
31 KB 72ms
16ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 4853048
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 390489, 12050
x-served-by: cache-lga21981-LGA, cache-yul1970029-YUL
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729696318.881597,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 53ms
47ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-520c"
age: 149778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnSMaCLQYjmmUvKzztgeKARoaeRM0eKsIvfKHp8NhvHLgeC4OsiCCWaK0pgl3RFdD8Q50%2B7rI6TjfWdmiCla%2BzQFkPaNriVjzY55jqxSJTv%2FNgPz0GXP5n5eli0d5Dw236HhggeA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a27bb73a0b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6646
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 43ms
36ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "e1d98d47689e00f8ecbc5d9f61bdb42e"
age: 251307
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/06/2024 16:28:44
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: df38358bf73e9efb71287606b867ea8e
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d72a9a27ecdab60-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1067
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 bootstrap-select.min.js Show response
cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/js/ 51 KB
16 KB 34ms
22ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/js/bootstrap-select.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"cc19-RPh/Fj9x0LrCeHYnL6mPYVOB/Pg"
age: 2770639
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220072-FRA, cache-yul1970029-YUL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16623
x-jsd-version: 1.13.14

GET
H3 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
3 KB 43ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-139e"
age: 146337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78ZtPFysyBzl3LlearWYtg3cMazis8e7IT90ix18%2FBIR%2FUlePQZJCknjFedpBKYFXgYeWpeArAQY9fbar7uVjDcgJk4NJdNXGUMaRovCct9DwB2yg09oj8YmtXMTlsBR5jQ5Fu%2FB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a28dc4b400-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2090
server: cloudflare

GET
H2 200 rater.js Show response
go.paycor.com/rs/003-JWW-697/images/ 17 KB
4 KB 87ms
77ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/rs/003-JWW-697/images/rater.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2290b2491ebe848200904256bfe6c23276c108d725b8106f25a49079fff71986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: "1812aa-45f3-623b130d21e74"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7536a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 4032
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/x-javascript
last-modified: Sat, 05 Oct 2024 02:03:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 42ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fd5-ab69"
age: 139084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FdAEA9qTuo1gviWFnU%2FQHUQUL0z9thlLgvdu2az%2FX4ExW06JMxcErBb31x96Ojw%2Fjg6fluZqaROgvLdrOKtg4nsx%2BQ9xpxfq2CyOVkcpDswTKkcfVDrI90jNEPm8kAPLIXOset0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a28dc6b400-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9564
server: cloudflare

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
118 KB

32ms
32ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
age: 23457
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JAW8JC8P454VHSE6M6Q38Z9W-yul
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d72a9a34b1fa31c-YUL
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
content-encoding: br
cf-cache-status: HIT
age: 423
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d72a9a2ca7ba31c-YUL
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JAWYHJHCCEDMRY9A04Y1NEH4-yul
server: cloudflare

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 122ms
27ms Script
application/x-javascript 69.192.29.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.29.241 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-29-241.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Content-Encoding: gzip
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Connection: keep-alive
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 729
Date: Wed, 23 Oct 2024 15:11:57 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 stripmkttok.js Show response
go.paycor.com/js/ 2 KB
766 B 54ms
44ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/js/stripmkttok.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "3029d2-602-62370c030d900"
age: 3713
x-content-type-options: nosniff
cf-ray: 8d72a9a28e7a36a2-YYZ
expires: Wed, 23 Oct 2024 19:11:57 GMT
accept-ranges: bytes
content-length: 678
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 482 KB
138 KB 154ms
83ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4246ed1ef7df315f68e9dd4baa08e1fbc8326021af3565f2de2106edc0d3e956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 15:11:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140299
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 96ms
38ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=49b7a41772
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/49b7a41772.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
age: 251305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKsymNtgQoaG83YfeVExEQzjIRPy%2FWTNWuqO6XvzfYLoMPfmZFoo0rvpWp4jxB0cgu9yjWc2eRVhiV6eALEh6oYS1BHRDVSXQHR4hglceBzSid2zP7kHe4xsLLfINOS82DqIaPHhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -GssCg30UX_ciI0_ERVJhxFqTVKbILArUujoaRcDCweqe2VXVWyTlw==
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=27428&sent=17&recv=9&lost=0&retrans=0&sent_bytes=11138&recv_bytes=4998&delivery_rate=119006&cwnd=12000&unsent_bytes=0&cid=481fc746a7a5c1f3&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 4ff42bdc51a4654aa785d44a72987f2a.cloudfront.net (CloudFront)
cf-ray: 8d72a9a2a965ac3a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 91ms
34ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=49b7a41772
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/49b7a41772.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
age: 251305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iP%2BHbbJiyRvavQkt%2B7I18js9fvWSzoNVn%2F8dkfZlwoo%2BR2PqAjFxm0d0%2F6U4cPfx7ZxxO2JK3pM339M6eLPmR%2F5JpJ1PNyjE0tb6dWM7N7GupQ5aVhla53wrvjLylOyCpQUr0wZfZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 03jfcwmY48ll6tvXMiQUwngU3NM5e5xAXJDtkfaMw9RAwTLg6i31Xw==
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=27428&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4158&recv_bytes=4998&delivery_rate=119006&cwnd=12000&unsent_bytes=0&cid=481fc746a7a5c1f3&ts=45&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 d6796bed4f4a2cf7a6bde91bedf2a6b0.cloudfront.net (CloudFront)
cf-ray: 8d72a9a2a969ac3a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 93ms
36ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=49b7a41772
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/49b7a41772.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
age: 143715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehA6M09moWc1zhef8TjUYqYmEPbNc1QIkAkK%2Btoh%2BQ%2BGL9%2FsLUHJosV%2BxfHHlnL9SuH0zuJfWzMSNJplBcBdMDapFF7AaC1XtnD330A0KJpZmRYw6lTY6WC7LFxkTP%2BdXFhAkizFLg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Go1IXDvG35hx_jnCnJk-N6g1fLJfxmihimtaegzHcr9aIQbV4xVbwQ==
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=27428&sent=15&recv=9&lost=0&retrans=0&sent_bytes=9410&recv_bytes=4998&delivery_rate=119006&cwnd=12000&unsent_bytes=0&cid=481fc746a7a5c1f3&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e93c42e901bd60413b64429b4ab31058.cloudfront.net (CloudFront)
cf-ray: 8d72a9a2a964ac3a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H2 200 pay_Arrow.svg
go.paycor.com/rs/003-JWW-697/images/ 1 KB
838 B 80ms
76ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/pay_Arrow.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4287001c45173f2be378ba3250ed78c921c4e165d38f2a02fa36aac6ffa25a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"181430-4b6-623b1e8b6c677"
x-content-type-options: nosniff
cf-ray: 8d72a9a28e9736a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 02:54:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 getForm Show response
go.paycor.com/index.php/form/ 7 KB
2 KB 185ms
184ms XHR
application/javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.paycor.com/index.php/form/getForm?munchkinId=003-JWW-697&form=1598
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d398f6db2a47e142d69c90d4de72299b08f725a0bda9ca80403a60c2589a585c

Request headers

Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cf-ray: 8d72a9a2ff0a36a2-YYZ
cached: true
content-encoding: gzip
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 quote.png
go.paycor.com/rs/003-JWW-697/images/ 674 B
757 B 69ms
68ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/quote.png

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3344539a6a3dc6efa15dd2d791ef815dc6e8cb173be46aa4965d72410d0689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
cf-cache-status: REVALIDATED
etag: "1813dd-2a2-623b190ce315f"
x-content-type-options: nosniff
cf-ray: 8d72a9a31f2736a2-YYZ
expires: Wed, 23 Oct 2024 15:12:57 GMT
accept-ranges: bytes
content-length: 674
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: image/png
last-modified: Sat, 05 Oct 2024 02:30:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 JennaSue.woff
res.cloudinary.com/spiralyze/raw/upload/v1567144848/paycor/Fonts/ 26 KB
27 KB 148ms
28ms Font
application/octet-stream 2600:141b:1c00:2588::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/spiralyze/raw/upload/v1567144848/paycor/Fonts/JennaSue.woff

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2588::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

d400e0c03ae4d1e6e440230bc576caf1c06a0c9ef9d2c1c7881e2dbad12523d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
timing-allow-origin: *
etag: "fef46c44709051547f42402bca66c991"
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=2;start=2024-10-23T15:11:58.067Z;desc=hit,rtt;dur=22
content-length: 27040
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/octet-stream
content-disposition: attachment; filename="JennaSue.woff"
server: Cloudinary
last-modified: Fri, 30 Aug 2019 06:00:49 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 49ms
48ms Script
application/x-javascript 69.192.29.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.29.241 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-29-241.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Cache-Control: max-age=8640000
Content-Encoding: gzip
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Connection: keep-alive
Expires: Fri, 31 Jan 2025 15:11:58 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 4741
Date: Wed, 23 Oct 2024 15:11:58 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 4 KB
4 KB 35ms
34ms Image
image/gif 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65999b3e-c8a"
age: 146253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4Di0Lrzz5oNjoenkLPC3Y8w90WAj3Ubuq5wA%2BvyvF6qCwVJAWMIK0mPPRrfhJzOtw2IZsuP7VZS3i0seW1JbIcMArTRKMsmoQm4nh79WQLs0RxI6n9m9qRd5tW1c%2F5XWN0eDl91"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:11:58 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: image/gif; charset=utf-8
last-modified: Sat, 06 Jan 2024 19:26:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d72a9a44f80b400-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3210
server: cloudflare

GET
H2 200 forms2.css
go.paycor.com/js/forms2/css/ 13 KB
3 KB 47ms
45ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/js/forms2/css/forms2.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "4c0a04-3437-62370c030d900"
age: 4527
x-content-type-options: nosniff
cf-ray: 8d72a9a488ac36a2-YYZ
expires: Wed, 23 Oct 2024 19:11:58 GMT
accept-ranges: bytes
content-length: 2623
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 forms2-theme-plain.css
go.paycor.com/js/forms2/css/ 828 B
357 B 46ms
45ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "409c9-33c-62370c030d900"
age: 4187
x-content-type-options: nosniff
cf-ray: 8d72a9a488ae36a2-YYZ
expires: Wed, 23 Oct 2024 19:11:58 GMT
accept-ranges: bytes
content-length: 246
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
106 KB 75ms
42ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RL28C8SB39&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2981575b834ca75d51c580d5be9c6b314da5e0fdd5122fb3de5dd5e32b533a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 15:11:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108490
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 clicktrue_invocation.js Show response
ob.cheqzone.com/ 108 KB
40 KB 132ms
27ms Script
text/javascript 18.238.49.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/clicktrue_invocation.js?id=3226
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-70.jfk52.r.cloudfront.net
Software: Caddy /
Resource Hash: 16039d93a15abf7b3a8585cf305b948a25dc918d6564c2c2243a35586ccf4fd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1af51-YvvMMcJVlsdLf8ui1G5fFgo8MuA"
age: 39646
via: 1.1 255e8a45aff6633687f7e4911e918abc.cloudfront.net (CloudFront)
expires: Wed, 23 Oct 2024 16:11:12 GMT
x-cache: Hit from cloudfront
content-length: 40347
x-amz-cf-id: kLJUEfMTaXzDuzqn0xMIDRA-_u1KTqtIdLLbBiOp6W7_7InATbRaOQ==
date: Wed, 23 Oct 2024 04:11:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: JFK52-P3

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 195ms
39ms Script
application/javascript 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76280A34E58B42F7AB40546E461BA39E Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:58Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 146ms
29ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Wed, 23 Oct 2024 15:11:58 GMT
x-tw-cdn: FT
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000071-IAD
x-amz-server-side-encryption: AES256

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 146ms
32ms Script
application/javascript 2600:141b:1c00:6::17df:d10e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d10e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: max-age=74871
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 23 Oct 2024 15:11:58 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 106ms
65ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9675597&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b741f6354ecdefc1ccb56e03a149827d7b128275f9a055c03a2939589dd223c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 15:11:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81783
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 161ms
42ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "HP/dXILNCv8vRT01LqWQOg=="
expires: Wed, 30 Oct 2024 15:11:58 GMT
accept-ranges: bytes
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 98ms
17ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1878
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
87 KB 86ms
68ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-977439273&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac9fab79ccbe41df5380e71a9e05f3dfa711542f0b3dcf676f8939d469aa620a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 15:11:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89251
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 4307.js Show response
script.crazyegg.com/pages/scripts/0063/ 7 KB
3 KB 101ms
40ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd0c5be6344fcce2416b70b0cf3bf1cfd572ca8bcbbc906ebdb2a16b1722844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 5998
cf-polished: origSize=6996
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/javascript
last-modified: Wed, 23 Oct 2024 13:31:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8d72a9a55b28abee-YYZ
access-control-allow-origin: *
ce-version: 11.5.299
server: cloudflare

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 20 KB
7 KB 115ms
27ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2aeed5b3c05c979624808226ba200108245d3065417b983d135ab1346a9e6383

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: QpoobFxu.qHBGIYRLNj8wglfi4825oSF
etag: W/"391dd673bf3b0837320a35aa7a940bf2"
via: 1.1 b2a97308187ed38f56c38676d5710b7e.cloudfront.net (CloudFront), 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 2JeRL-p8yFvpm_xpWK6WhT5MUt9mlq_rbKMel-1vLcR0C9FU7OV8Bg==
date: Tue, 22 Oct 2024 21:13:01 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 21:10:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P8, JFK50-P3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 71ms
30ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: VF54Ymskkvu4MjBPtseJomJ6JytRGOcGdZX3P3NA3FrQkOjtY69/tvhn12RCkTBkUkxV44buVMuqrMpKbjFOJg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 z4ywmf9vceea.js Show response
js.driftt.com/include/1729696500000/ 221 KB
62 KB 138ms
66ms Script
application/javascript 18.238.55.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1729696500000/z4ywmf9vceea.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-127.jfk52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
x-amz-version-id: px8T70IzhuJ6oS1M7izBjK7Y8.9uRoPx
etag: W/"182931eb99afb01276b448d2f7bd627d"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: RefreshHit from cloudfront
x-amz-cf-id: NW8sQn_8bzZd9TIyl6PMc0abzrjYfh29gDAEc14jKaC36Ru98wSM-w==
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 18:47:07 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 46
access-control-allow-credentials: true
via: 1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P4
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 110 KB
38 KB 121ms
27ms Script
text/javascript 3.168.122.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-30.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffd4a8500bc43a212726e3be57fc96ecf73b71619f9a65d2ddfb851333da6034

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
x-amz-version-id: GJUCt6_Mh76DKgPZG6f4outmHU9xoi3V
etag: W/"60479067ef4873f27439df1a7e206f19"
age: 2218
x-cache: Hit from cloudfront
x-amz-cf-id: YXjIiaFm4umfbJq-KrVqF2mLIf06N2CGAZZw-H39isVweP0bdmsGWQ==
date: Wed, 23 Oct 2024 14:35:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 14:27:37 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=3600
via: 1.1 16ef2ce41ee63b7d045e809201991b04.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 107ms
31ms Script
text/javascript 52.45.216.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-216-149.compute-1.amazonaws.com
Software: /
Resource Hash: 15ef9082f7e8e7cc7fc3251e2fc8a07cb0d93049f71d33ef09015af80b21db8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/javascript

GET
H2 200 f7a1179d3d74b407.min.js Show response
tag.demandbase.com/ 63 KB
18 KB 93ms
27ms Script
application/javascript 52.85.61.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/f7a1179d3d74b407.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-96.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e97882de34ffe397cc4ba1c2badef97e1ea68b791224e02bc7d71963a6b029f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
x-amz-version-id: sp_L85w_JFfyRLE_Tc8IC5XDL0c.uySK
etag: W/"91845f35b9be7102c0d373527d0f2bbb"
age: 3367
x-cache: Hit from cloudfront
x-amz-cf-id: K_BrDLHIF-Kvt097iVcpWG0xDAQsaHHhDCdVq2eBkTXEUxyQqiZWQg==
date: Wed, 23 Oct 2024 14:15:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 13:51:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3600
via: 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: EWR53-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 16 KB
5 KB 137ms
33ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32852&tdr=&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term=value
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: cd36a2fb236fa77d2d4a499c3eeb78d904fab4132cf1d47a6fa7222ae0299623

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT
be: spx-prod
date: Wed, 23 Oct 2024 15:11:57 GMT
content-type: application/javascript;charset=utf-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: istio-envoy

GET
H3 200 6238c29f3c89ed001cdebb98 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 184ms
153ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6238c29f3c89ed001cdebb98

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

29e36cf7062f5e533a9c29a6c045bf68a75c2e9365d8d9da7cd152fcafb7eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d72a9a5ea72a1fe-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
server: cloudflare
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 22 KB
22 KB 66ms
18ms Script
text/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
age: 1297
x-goog-stored-content-encoding: identity
expires: Wed, 23 Oct 2024 15:50:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22096
date: Wed, 23 Oct 2024 14:50:21 GMT
last-modified: Tue, 25 Jun 2024 13:55:49 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0T3cxcA4BjuPOOm968f149p9nY_i0gJ1ln9FclYHna553n_a5y5RY5U0JBxOi_kWgzpoyfI3oAPA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1719323749654301
content-length: 22096
server: UploadServer

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 98ms
24ms Script
application/javascript 18.173.219.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-88.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
age: 6441
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: u-vu-GkIEGatQ36GsP41prcuUxSK4M3QyQzI0vWnORvSuNn9k3VHkA==
date: Wed, 23 Oct 2024 13:24:38 GMT
content-type: application/javascript
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
vary: Accept-Encoding

GET
H2 200 1290.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 225ms
171ms Script
text/javascript 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1290.js?p=https://go.paycor.com/nfl-ticket-sweepstakes.html&e=

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf3d8359524efadae00cff06c5b4406acf28bdde2d27e1618b6125c83cfa887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/javascript;charset=UTF-8
content-disposition: inline
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8d72a9a6392aa298-YUL
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 taq.js Show response
visitor.technologyadvice.com/ 1 KB
2 KB 202ms
120ms Script
text/javascript 18.164.124.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor.technologyadvice.com/taq.js?t=1729728000000
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-2.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38ee169294a9603ae39d0712235f8480654c34a2a25bdca33cfca36be9cb8d0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-amz-cf-pop: JFK50-P7
etag: "dd0bf2403763eb936b6c12c481565217"
via: 1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1436
x-amz-cf-id: Wcn9hyZv0wTQ8NQwjKBzjQdqBOljZ4DtagfQm8H85kYaX2wIRQI5vw==
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 16 Oct 2024 16:49:50 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 t.png
tvspix.com/ 68 B
193 B 597ms
96ms Image
image/png 34.210.202.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1729696318219&l=tvscientific-pix-o-42183f41-2888-44a9-a87c-c50cb17b73e2&u3=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.210.202.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-202-206.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 68
date: Wed, 23 Oct 2024 15:11:58 GMT
pragma: no-cache
content-type: image/png

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 567ms
96ms Image
image/png 34.210.202.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1729696318220&l=tvscientific-pix-o-86b8464b-f62e-4985-9b2c-42a4e4dde4af&u3=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.210.202.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-202-206.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 68
date: Wed, 23 Oct 2024 15:11:58 GMT
pragma: no-cache
content-type: image/png

GET
H/1.1 200
OK /
arttrk.com/pixel/ 43 B
131 B 135ms
37ms Image
image/gif 52.2.105.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arttrk.com/pixel/?ad_log=referer&action=purchase&pixid=b039cfe1-6e29-46d3-977b-9a310df9e912
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.105.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-105-52.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Content-Type: image/gif
Connection: keep-alive
Content-Length: 43

GET
H2 200 inputmask.min.js
go.paycor.com/js/forms2/polyfills/inputmask/ 4 KB
4 KB 40ms
39ms Image
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/js/forms2/polyfills/inputmask/inputmask.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "4c09e1-10c9-62370c030d900"
age: 4312
x-content-type-options: nosniff
cf-ray: 8d72a9a5297536a2-YYZ
expires: Wed, 23 Oct 2024 19:11:58 GMT
accept-ranges: bytes
content-length: 1901
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 6282 0
0 85ms
26ms Document
text/html 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.paycor.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 149578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 21:39:00 GMT
expires: Tue, 21 Oct 2025 21:39:00 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK visitWebPage
003-jww-697.mktoresp.com/webevents/ 2 B
318 B 154ms
37ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://003-jww-697.mktoresp.com/webevents/visitWebPage?_mchNc=1729696318281&_mchCn=nfl-ticket-sweepstakes&_mchId=003-JWW-697&_mchTk=_mch-paycor.com-1729696318280-94005&_mchWs=j1RR&_mchHo=go.paycor.com&_mchPo=&_mchRu=%2Fnfl-ticket-sweepstakes.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Transfer-Encoding: chunked
X-Request-Id: 7e9b78d1-807b-4082-865e-9b8214ae28ab
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Wed, 23 Oct 2024 15:11:58 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.20.1

GET
H2 200 CTA_arrow.svg
go.paycor.com/rs/003-JWW-697/images/ 205 B
301 B 69ms
66ms Image
image/svg+xml 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.paycor.com/rs/003-JWW-697/images/CTA_arrow.svg

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9e4ae8612a4bc1f3e4f8f2bb7b2d46916d3c65d2cfa28d23c5caad64e6cafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"181495-cd-623b283e09bd2"
x-content-type-options: nosniff
cf-ray: 8d72a9a589d036a2-YYZ
expires: Wed, 23 Oct 2024 15:12:58 GMT
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: image/svg+xml
last-modified: Sat, 05 Oct 2024 03:38:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 39ms
38ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.paycor.com
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
age: 176392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD7OuyAavotBUuerhOZ5qHkCV2%2FQ1wpjhAvmqLnn%2FMhJuo1sHnJ5fl1XTTsvEsgyzJ5BI4zEF2J5IJeqtXO9QythtI%2B5K3QkFL7i%2B2SPgk4OPvOM3rjgmKG8Huzti7XEoyJTcoEZnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ziTUdaOeMUzy8rs4GIU0ehXLpEAYQqPXwdA1oUdo1AyVgQGH8cmN0A==
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: font/woff2
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=31662&sent=31&recv=27&lost=0&retrans=0&sent_bytes=25228&recv_bytes=6077&delivery_rate=705624&cwnd=16800&unsent_bytes=0&cid=481fc746a7a5c1f3&ts=514&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 7b53bcdb3c1cb902b1548ec19e2d9bc2.cloudfront.net (CloudFront)
cf-ray: 8d72a9a59d49ac3a-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76736
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 21ms
17ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23701
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 inputmask.min.js Show response
go.paycor.com/js/forms2/polyfills/inputmask/ 4 KB
0 2ms
2ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.paycor.com/js/forms2/polyfills/inputmask/inputmask.min.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73414c95065567e930957ff752384bba697461df50952600e780c55f0080aef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/nfl-ticket-sweepstakes.html

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "4c09e1-10c9-62370c030d900"
age: 4312
x-content-type-options: nosniff
cf-ray: 8d72a9a5297536a2-YYZ
expires: Wed, 23 Oct 2024 19:11:58 GMT
accept-ranges: bytes
content-length: 1901
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1658281131098209 Show response
connect.facebook.net/signals/config/ 299 KB
92 KB 29ms
27ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1658281131098209?v=2.9.173&r=stable&domain=go.paycor.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

2416aab63062f398a66af3601e5d32db1cb011bedb7418a701fcaa10341d7a58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=74, mss=1232, tbw=67656, tp=63, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: rAeWWSaAZJkv+vsMywJrRHZNyUtgpwdDxfSkUr2iDCBCaFAE3Nd2fKglyLmkZJrIrRr8DFD2hZcuRcM/o8vEFg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 93868
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 go.paycor.com.json Show response
script.crazyegg.com/pages/data-scripts/0063/4307/site/ 7 KB
3 KB 67ms
40ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0063/4307/site/go.paycor.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df5e88fde374e579060ce73f49e849dbacc0705b00d22d8673653571480d856

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 4312
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/json
last-modified: Wed, 23 Oct 2024 13:31:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8d72a9a609f4aba5-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2466
ce-version: 11.5.299
server: cloudflare

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369
https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369&dcc=t

0
0

56ms
53ms

Fetch
text/html

98.82.157.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369&dcc=t
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Server: 98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-82-157-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://s.amazon-adsystem.com/iu3?pid=2edf3ac0-e411-433d-99b3-43c23a52c9c7&event=PageView&gtmVersion=3.5&ts=1729696318369&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: MXNJ6WBS362P9D3S5J9F
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Wed, 23 Oct 2024 15:11:58 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

POST
H2 204 collect
analytics.google.com/g/ 0
0 105ms
42ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RL28C8SB39&gtm=45je4ah0v889089799z872782260za200zb72782260&_p=1729696317695&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101686685~101823847&cid=872197903.1729696318&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729696318&sct=1&seg=0&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&dt=Meet%20with%20Paycor%20Today&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url_clean=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes&ep.page_path_clean=%2Fnfl-ticket-sweepstakes&tfd=924
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RL28C8SB39&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.paycor.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 106ms
39ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RL28C8SB39&cid=872197903.1729696318&gtm=45je4ah0v889089799z872782260za200zb72782260&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101686685~101823847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RL28C8SB39&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.paycor.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 006D 0
0 120ms
50ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-RL28C8SB39&gacid=872197903.1729696318&gtm=45je4ah0v889089799z872782260za200zb72782260&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101823847&z=118939148

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RL28C8SB39&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 129ms
88ms Image
image/gif 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RL28C8SB39&cid=872197903.1729696318&gtm=45je4ah0v889089799z872782260za200zb72782260&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101686685~101823847&tag_exp=101533421~101686685~101823847&z=849902546

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:58 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 115ms
24ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D12D) /

Resource Hash

166f62c7a9aa03e83bd045e8469101d00f6f7dc09549cb4e5f350f128e5a92b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: max-age=86400
content-encoding: gzip
etag: "bf13d1efdc20db1:0"
age: 64593
accept-ranges: bytes
x-cache: HIT
content-length: 25393
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 21:38:42 GMT
server: ECS (nyd/D12D)
vary: Accept-Encoding

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 61ms
61ms Script
application/x-javascript 69.192.29.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.29.241 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-29-241.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Content-Encoding: gzip
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Connection: keep-alive
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 729
Date: Wed, 23 Oct 2024 15:11:58 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H3 200 2780555e46c3031ae97407e9c52b4705.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 105 KB
36 KB 38ms
37ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/2780555e46c3031ae97407e9c52b4705.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61917dc4b13b887a30af978c934892e7db4329ba72bbd655635613b537d760e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 7749
cf-ray: 8d72a9a6dcf3abee-YYZ
cf-polished: origSize=107371
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/javascript
last-modified: Tue, 08 Oct 2024 19:20:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 adsct
t.co/i/ 43 B
628 B 139ms
77ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=56422987-a987-41f5-8dad-8b9443f47fc9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ff49b233-88ab-4751-802f-6920368aaf35&tw_document_href=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv47a&type=javascript&version=2.3.30

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: cfacbf01444dc8d8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5cef8272c15f0b9aa804df8041e8fa3f92057d1e83c22ac439479bde61d067e1
cf-cache-status: DYNAMIC
cf-ray: 8d72a9a76bbfaab4-YYZ
x-response-time: 5
content-length: 43
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
390 B 174ms
53ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=56422987-a987-41f5-8dad-8b9443f47fc9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ff49b233-88ab-4751-802f-6920368aaf35&tw_document_href=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv47a&type=javascript&version=2.3.30

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: a5ac802b4f4c265e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 81a6bb8af05ba67b21ea75942b73a18cf4e95f41344d61e7c93eb3a8ee2328ca
x-response-time: 5
content-length: 43
date: Wed, 23 Oct 2024 15:11:58 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H2

200

activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
9675597.fls.doubleclick.net/ Frame 7706
Redirect Chain

https://9675597.fls.doubleclick.net/activityi;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
https://9675597.fls.doubleclick.net/activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa...

0
0

110ms
108ms

Document
text/html

172.217.165.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9675597.fls.doubleclick.net/activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9675597&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:58 GMT
expires: Wed, 23 Oct 2024 15:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9675597.fls.doubleclick.net/activityi;dc_pre=CIfelvXkpIkDFewU-QAdJpQhXQ;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;...
td.doubleclick.net/td/fls/rul/ Frame B34A 0
0 62ms
59ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9675597&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 0
24 B 140ms
93ms Image
image/png 142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9675597;type=audie0;cat=gener0;ord=1;num=4225707379174;npa=0;auiddc=1449276670.1729696318;ps=1;pcor=642624584;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9189988387z872782260za201zb72782260;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html?

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 23 Oct 2024 15:11:58 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"284954933935867242"}],"aggregatable_trigger_data":[{"filters":[{"14":["9155699"]}],"key_piece":"0x1ba41f261d2a0775","source_keys":["12","13","14","15","16","17","18","19","20","21","18268776","18268777","18268778","18268779","19180068","19180069","19180070","19180071","20564468","20564469","20564470","20564471","24842384","24842385","24842386","24842387","638502740","638502741","638502742","638502743"]},{"key_piece":"0x1c2f6884be2e592f","not_filters":{"14":["9155699"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18268776","18268777","18268778","18268779","19180068","19180069","19180070","19180071","20564468","20564469","20564470","20564471","24842384","24842385","24842386","24842387","638502740","638502741","638502742","638502743"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18268776":54,"18268777":54,"18268778":54,"18268779":5297,"19":65,"19180068":163,"19180069":163,"19180070":163,"19180071":15892,"20":65,"20564468":46,"20564469":46,"20564470":46,"20564471":4540,"21":6356,"24842384":54,"24842385":54,"24842386":54,"24842387":5297,"638502740":65,"638502741":65,"638502742":65,"638502743":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17158493077905746981","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"284954933935867242","filters":[{"14":["9155699"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"284954933935867242","filters":[{"14":["9155699"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"284954933935867242","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"284954933935867242","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9675597"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
817 B 188ms
114ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=10318&time=1729696318601&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://go.paycor.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000625264ea59f7828f3ec25e78cbe29
x-msedge-ref: Ref A: 787B6EF24B5A472FAD8D01374F987C36 Ref B: YMQ01EDGE0308 Ref C: 2024-10-23T15:11:58Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlJk6ln3go8+wl54y+KQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&e_ipv6=AQIcC...

0
267 B

187ms
121ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&e_ipv6=AQIcCXEmqWYoKAAAAZK570UTNAq3WWEGSE6YoHWe5Wstx1VNFApUamscdqRnQ4n9S-z5cdLI
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AAFEE6F30BDE491298CB5A6D1FCAEC8C Ref B: YMQ01EDGE0409 Ref C: 2024-10-23T15:11:58Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlJk6pINSxIhC2PxiIug==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=10318&time=1729696318601&li_adsId=12055420-9ffc-4be4-9269-1eb720a247f3&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&e_ipv6=AQIcCXEmqWYoKAAAAZK570UTNAq3WWEGSE6YoHWe5Wstx1VNFApUamscdqRnQ4n9S-z5cdLI
x-msedge-ref: Ref A: 00C1F257F9A248599BE476BFA53FF7BF Ref B: YMQ01EDGE0416 Ref C: 2024-10-23T15:11:58Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlJk6ltAEuC8KMG5xang==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 23 Oct 2024 15:11:57 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977439273/ 5 KB
2 KB 108ms
53ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977439273/?random=1729696318615&cv=11&fst=1729696318615&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2z872782260za201zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-977439273&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

43dd8d596db1cd1142b9d1c38283455874c6fa4d62059a687812cdbda152f09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2341
date: Wed, 23 Oct 2024 15:11:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 977439273
td.doubleclick.net/td/rul/ Frame 8ABA 0
0 50ms
48ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/977439273?random=1729696318615&cv=11&fst=1729696318615&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2z872782260za201zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-977439273&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-c3PEYhkDwHV7g.js Show response
rules.quantcount.com/ 4 KB
2 KB 107ms
25ms Script
application/javascript 2600:9000:21dd:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-c3PEYhkDwHV7g.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72070cec790e67d0a805202517453b8853de2088ba633f8ed75635b39b932adb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
etag: W/"c6901f2524c58aa235839aeadc0144af"
age: 1456
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 1flcIjtrmiODkwjWVLmfqIBHLOV59VCOWPDZMCoXWpGP09o4T9PviA==
date: Wed, 23 Oct 2024 14:47:42 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
766 B 232ms
147ms XHR
application/json 23.56.163.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613639982760&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1729696318692&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 177e8f7743b917f7ae976c2e3d7d4cb0
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5XSTBPVGcwTkRBdFpqazBNaTAwWXpCbUxXRXlNVFF0TkdFellqUTVZekE0TURrMQ
pinterest-version: 4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin: https://go.paycor.com
content-length: 186
akamai-grn: 0.6f24c317.1729696318.126a96d4
x-pinterest-rid: 1258064302993868

POST
H2 200 80c01962f03a2508878ddeedfe0fea7e62245f5dd79fd8724596c04515aaf847 Show response
capig.paycor.com/events/ 0
315 B 152ms
43ms XHR
text/plain 2600:1f16:19a4:102:edbb:8c6b:d27b:1918
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.paycor.com/events/80c01962f03a2508878ddeedfe0fea7e62245f5dd79fd8724596c04515aaf847
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1658281131098209?v=2.9.173&r=stable&domain=go.paycor.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:19a4:102:edbb:8c6b:d27b:1918 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:11:58 GMT
vary: origin
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 123ms
26ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&rl=&if=false&ts=1729696318835&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729696318832.241742857275661676&eid=ob3_plugin-set_aa2cb1c90414c07115e26cccf62bbbf246d2444c91b5c73c467c375599164a82&ler=empty&cdl=API_unavailable&it=1729696318363&coo=false&exp=h2&rqm=GET

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 197ms
101ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1658281131098209&ev=PageView&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&rl=&if=false&ts=1729696318835&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729696318832.241742857275661676&eid=ob3_plugin-set_aa2cb1c90414c07115e26cccf62bbbf246d2444c91b5c73c467c375599164a82&ler=empty&cdl=API_unavailable&it=1729696318363&coo=false&exp=h2&rqm=FGET

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428989119942868999"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: qIJx1rCmpuVZe4zg6O9iT1izOrouTHtHzcBNUORCqxxlS71YL6xAQ9vQ+3zS8AFHu70xGpVppUNnOWwG6lc5Lw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428989119942868999", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=3276, tp=-1, tpl=-1, uplat=74, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 sync
s.company-target.com/s/ Frame 414C 0
0 111ms
39ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.company-target.com/s/sync?exc=lr

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/f7a1179d3d74b407.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.71.96.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 15:11:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCL6k5LgGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297vpLH7fAvvzfS5Cr1e-YANgfYrIH2vQAv9YU61mC5K9o

26 B
349 B

101ms
33ms

Image
image/gif

13.226.94.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297vpLH7fAvvzfS5Cr1e-YANgfYrIH2vQAv9YU61mC5K9o
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Server: 13.226.94.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-94-12.jfk52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Connection: keep-alive
Via: 1.1 d2a8ed791444e9690ab7038aa7bd8766.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 26
X-Amz-Cf-Id: z_ASOWBM_BS4qfaQJbTwIQfdA1XnhUvyC15_JzjbGF7gfiu_i6HGBQ==
Date: Wed, 23 Oct 2024 15:11:59 GMT
Content-Type: image/gif
X-Amz-Cf-Pop: JFK52-P10

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297vpLH7fAvvzfS5Cr1e-YANgfYrIH2vQAv9YU61mC5K9o
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Wed, 23 Oct 2024 15:11:59 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 465 B
1015 B 194ms
112ms XHR
application/json 13.226.34.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&page_title=Meet%20with%20Paycor%20Today

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/f7a1179d3d74b407.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-111.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ee98439c11ee9f2eaece7971d414049ec4089f484c21bef2c3145533592098ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 3fa8ccc9-696c-4c11-836e-f65a025c1463
expires: Tue, 22 Oct 2024 15:11:59 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: eIjgJmNZzF1Q5lizt3qQ0j3cHh8J5QCrBQs7R0iIbFddyk2heErECw==
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 45a2ed7d71b913b3658a34b14cb3cc86.cloudfront.net (CloudFront)
access-control-allow-origin: https://go.paycor.com
x-amz-cf-pop: EWR53-C2
server: nginx

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 36ms
36ms Stylesheet
text/css 52.45.216.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-216-149.compute-1.amazonaws.com
Software: /
Resource Hash: 629dea3fc8ca3364508e787cddbe7e6a1e0e72071d9ba2ba4539a2c60c8f1dea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 111ms
40ms Fetch
image/jpeg 52.45.216.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-216-149.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: image/jpeg

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1803/2188110568/ 6 KB
2 KB 34ms
33ms Script
text/javascript 3.168.122.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1803/2188110568/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-30.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 181ce4e83b335254aef5dca885e5e5df6db31d0c2cd52ffa643c5e0ddfecd13b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
x-amz-version-id: mtnNeGvzmfvp8nF..iegunSvEeFcT.4L
etag: W/"fe7115d3a39530ebe111d8d5e758c80c"
age: 230
x-cache: Hit from cloudfront
x-amz-cf-id: Oho9NdVe0hwhFL0cYFzpV4DYWYXgANWXJvlFiyzM0R7zYxXLdcX6JA==
date: Wed, 23 Oct 2024 15:08:09 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 17:28:24 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 16ef2ce41ee63b7d045e809201991b04.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET ping
okt.to/ 0
0

GET
H2 200 ct Show response
obs.cheqzone.com/ 3 KB
2 KB 160ms
66ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/ct?id=3226&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1729696318936&hl=2&op=0&ag=4155436659&rand=0492072107792771210008009925625284719038527618837156076276008400780167581676510900902&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDEzMDldLFsiYWJuY2giLDI0XSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0yMywiKyJdLFstMzAsIltcInZcIiwwXSJdLFstMzMsIi0iXSxbLTUwLCItIl0sWy01MiwiLSJdLFstNzEsImEwMTEwMDEwMTAwMTAwMTAxMDAwMTAxMDAxMTExMTAxMDAwMDEwIl0sWy01LCItIl0sWy0yNywiWzUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTMyLCIyIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEwIl0sWy02MywiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0yMCwiODcyMTk3OTAzLjE3Mjk2OTYzMTgiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy01MywiMTAwIl0sWy01OSwiZGVmYXVsdCJdLFstNjQsIlswLFwiXCIsW11dIl0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksdXNiLGNoc2F2ZWRhdGEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsc2hhcmVkc3RvcmFnZSxydW5hZGF1Y3Rpb24sY2h1YWZvcm1mYWN0b3JzLGNoZG93bmxpbmssb3RwY3JlZGVudGlhbHMscGF5bWVudCxjaHVhLGNodWFtb2RlbCxjaGVjdCxhdXRvcGxheSxjYW1lcmEscHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxhY2NlbGVyb21ldGVyLGNodWFwbGF0Zm9ybXZlcnNpb24saWRsZWRldGVjdGlvbixwcml2YXRlYWdncmVnYXRpb24saW50ZXJlc3Rjb2hvcnQsY2h2aWV3cG9ydGhlaWdodCxsb2NhbGZvbnRzLGNodWFwbGF0Zm9ybSxtaWRpLGNodWFmdWxsdmVyc2lvbix4cnNwYXRpYWx0cmFja2luZyxjbGlwYm9hcmRyZWFkLGdhbWVwYWQsZGlzcGxheWNhcHR1cmUsa2V5Ym9hcmRtYXAsam9pbmFkaW50ZXJlc3Rncm91cCxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsZ3lyb3Njb3BlLHNlcmlhbCxjaHJ0dCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsdW5sb2FkLGNoZHByLGNocHJlZmVyc2NvbG9yc2NoZW1lLGNodWF3b3c2NCxhdHRyaWJ1dGlvbnJlcG9ydGluZyxmdWxsc2NyZWVuLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGhpZCxjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGNsaXBib2FyZHdyaXRlLG1pY3JvcGhvbmUiXSxbLTQsIi0iXSxbLTE0LCItIl0sWy0yMSwiLSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTUsIjEiXSxbLTEsIi0iXSxbLTIsIjksZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1ErOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3c0NTRC8xZSJdLFstMTUsIi0iXSxbLTQwLCIzMyJdLFstNywiLSJdLFstMTMsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjIzMjU4MDYsXCJ1amhzXCI6MTcyNTk0MDYsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTM1LCJbMTcyOTY5NjMxODc0NSw3XSJdLFstNDYsIjAiXSxbLTUxLCItIl0sWy02MCwxOTJdLFstNjUsIi0iXSxbLTE3LCIxNiJdLFstMzQsIi0iXSxbLTQxLCItIl0sWy00OCwiMCwwIl0sWy01OCwiLSJdLFstNjEsIntcIndnc2xcIjpcIjQ7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjgsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTI5LCItIl0sWy00OSwiLSJdLFstNjIsIjgwIl0sWy02LCItIl0sWy0xOSwiWzQ5MCw0OTAsNDkwLDQ5MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0zMSwiZmFsc2UiXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQ3LCJBbWVyaWNhL1ZhbmNvdXZlcixlbi1HQixsYXRuLGdyZWdvcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZEtYQmtSVVUxTlNVb0RGaFpXV3hkYVVWeElRMVpYWEJkYVZsUVdXbFZRV2xKTlMweGNabEJYVDFaYVdFMVFWbGNYVTBvR1VGMEVDZ3NMRHdNSUF3OEJDUUVKRUJWWVRSbExHUkZSVFUxSlNnTVdGbFpiRjFwUlhFaERWbGRjRjFwV1ZCWmFWVkJhVWsxTFRGeG1VRmRQVmxwWVRWQldWeGRUU2daUVhRUUtDd3NQQXdnRERnc09EUWtRIl0sWy03MCwiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTM4LCJpLC0xLC0xLDEsMCwxLDAsMzksNTEsNzIsLTEsMCwzNjksMzY5LDEzODcsMTM4NyJdLFstNDQsIjAsMCwwLDUiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjUwMzk1MTk3MVwiLFwiXzBcIixcIjI3NzE1NzEwMlwiXSxcInNcIjoxfSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy02NywiMjUzMjMxMjg4ODozNiJdLFstNjksIkxpbnV4IHg4Nl82NHxHb29nbGUgSW5jLnw4fDE2fHwwIl0sWyJibmNoIiw0NTNdLFstMTIsIm51bGwiXSxbLTE2LCIwIl0sWyJkZGIiLCIwLDksMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMSwxLDMsMjIsMCw0LDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDM0LDEsMCwwLDAsMCwwLDM2LDAsMCwxLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw1LDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDgsMCwwLDAsMCwwLDAsMCwxLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=hX1Qi4Am4L&pto=1436&ver=62&gac=872197903.1729696318&mei=&ap=&fe=-&duid=&suid=&tuid=&fbc=1.1729696318832.241742857275661676&gtm=W10%3D&it=101%2C689%2C154&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/clicktrue_invocation.js?id=3226
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: c10cf21ab41255228edf51a322d3e7ab9c174cf15bd8283cfb5f8580d70dd349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://go.paycor.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1282
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/javascript

GET
H/1.1 200
OK is Show response
52.71.121.170/ 32 B
437 B 129ms
34ms Fetch
text/plain 52.71.121.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.71.121.170/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32852&tdr=&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.71.121.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-121-170.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1927f317060524a0622e029842ab53fad815b5d108d038db004711ed2973ca27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-envoy-upstream-service-time: 1
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
content-length: 32
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/plain;charset=utf-8
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
540 B 112ms
109ms Fetch
image/gif 23.56.163.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2613639982760&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1729696318962

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-pinterest-rid-128bit: 13e83575dab07e2b14590c6ecac783ee
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: 4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin: https://go.paycor.com
content-length: 35
akamai-grn: 0.6f24c317.1729696319.126a9984
x-pinterest-rid: 1466216823673816

GET
H2 200 5511164.js Show response
bat.bing.com/p/action/ 370 B
424 B 50ms
49ms Script
application/javascript 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5511164.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 215AAF9DB0B14AE881FF577D0B27039D Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:58Z
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 53ms
50ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

0dc7cfc7ba1b59a31f1e5e6540f7f6ef0abe5e6b24bab356ec510f28b9847ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.paycor.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
grpc-status: 0
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding: gzip,x-snappy-framed
access-control-allow-origin: https://go.paycor.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/json
vary: Accept-Encoding
grpc-encoding: identity
server: envoy

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ Frame 0
0 106ms
47ms Preflight 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go.paycor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://go.paycor.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 23 Oct 2024 15:11:58 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 events Show response
link.technologyadvice.com/wt/v2/ 53 B
457 B 148ms
108ms Fetch
application/json 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://link.technologyadvice.com/wt/v2/events
Requested by: Host: visitor.technologyadvice.com
URL: https://visitor.technologyadvice.com/taq.js?t=1729728000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: a5f1e29cc96cab38624682668015340219bd25cdb6cfa75af776bbb6edac220e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, private
referer: https://go.paycor.com/
x-timer: S1729696319.211631,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://go.paycor.com
x-cache: MISS, MISS, MISS
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100119-IAD, cache-chi-kigq8000074-CHI, cache-yul1970077-YUL
server: envoy
x-cache-hits: 0, 0, 0
vary: Origin

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 62ms
60ms Ping
text/html 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1290.js?p=https://go.paycor.com/nfl-ticket-sweepstakes.html&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4eZupgBAZtlBpqmD
Referer: https://go.paycor.com/

Response headers

OPTIONS
H2 204 events
link.technologyadvice.com/wt/v2/ Frame 0
0 182ms
131ms Preflight 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://link.technologyadvice.com/wt/v2/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go.paycor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://go.paycor.com
access-control-max-age: 86400
date: Wed, 23 Oct 2024 15:11:59 GMT
vary: Origin
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-iad-kjyo7100110-IAD, cache-chi-kigq8000126-CHI, cache-yul1970040-YUL
x-timer: S1729696319.040279,VS0,VE114

GET
H2 200 ipv
cdn.bizible.com/ 43 B
328 B 28ms
24ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=8f76337e4b614f629cc8a6d03917f372&_biz_l=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&_biz_t=1729696319003&_biz_i=Meet%20with%20Paycor%20Today&_biz_n=0&rnd=772429&cdn_o=a&_biz_z=1729696319005

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D164) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 410195
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: Image/GIF
last-modified: Fri, 18 Oct 2024 21:15:24 GMT
server: ECS (nyd/D164)

GET
H2 200 u
cdn.bizibly.com/ 43 B
168 B 35ms
29ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=8f76337e4b614f629cc8a6d03917f372&_biz_l=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&_biz_t=1729696319008&_biz_i=Meet%20with%20Paycor%20Today&rnd=442429&cdn_o=a&_biz_z=1729696319008

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D12D) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 410195
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: Image/GIF
last-modified: Fri, 18 Oct 2024 21:15:24 GMT
server: ECS (nyd/D12D)

GET
H3 200 /
www.google.com/pagead/1p-user-list/977439273/ 42 B
64 B 109ms
47ms Image
image/gif 142.250.64.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977439273/?random=1729696318615&cv=11&fst=1729695600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2z872782260za201zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfDTFowhUcY1AFthVZg61bc9srgg8VXYG3ppfZMT2WV0_9OTZD&random=2211633978&rmt_tld=0&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/977439273/ 42 B
64 B 54ms
53ms Image
image/gif 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/977439273/?random=1729696318615&cv=11&fst=1729695600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0h2z872782260za201zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfDTFowhUcY1AFthVZg61bc9srgg8VXYG3ppfZMT2WV0_9OTZD&random=2211633978&rmt_tld=1&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=...
https://pixel-ssn.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;...

35 B
356 B

128ms
35ms

Image
image/gif

192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=paycor.com;dst=1;et=1729696319015;tzo=420;ogl=;ses=22523007-fd4f-4610-a90d-145401d39f93;uht=2;fpan=1;fpa=P0-234378685-1729696318677;pbc=;cm=undefined;gdpr=0;mdl=;dip=96272948-1aa5-46cc-a21d-34d53159c31a

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Server

192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Wed, 23 Oct 2024 15:11:59 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-c3PEYhkDwHV7g"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantserve.com/pixel;r=1610650688;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-c3PEYhkDwHV7g;url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=paycor.com;dst=1;et=1729696319015;tzo=420;ogl=;ses=22523007-fd4f-4610-a90d-145401d39f93;uht=2;fpan=1;fpa=P0-234378685-1729696318677;pbc=;cm=undefined;gdpr=0;mdl=;dip=96272948-1aa5-46cc-a21d-34d53159c31a
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Wed, 23 Oct 2024 15:11:59 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-c3PEYhkDwHV7g"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H3 200 go.paycor.com.json Show response
script.crazyegg.com/pages/data-scripts/0063/4307/sampling/ Frame 9345 46 B
272 B 86ms
86ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0063/4307/sampling/go.paycor.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2780555e46c3031ae97407e9c52b4705.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d6b32f545f36a29ab83a4be5f92d4ebfb43a6dcc6457f7681a8478e5e8ea6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/json
last-modified: Wed, 23 Oct 2024 15:10:15 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8d72a9aa2e96aba5-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65
ce-version: 11.5.299
server: cloudflare

GET
H/1.1 200
OK na.jsonp Show response
pnapi.invoca.net/1803/ 98 B
276 B 173ms
59ms Script
text/plain 50.17.167.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pnapi.invoca.net/1803/na.jsonp?network_id=1803&js_version=4.34.0&tag_id=1803%2F2188110568&request_data_shared_params=%7B%22calling_page%22%3A%22https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html%22%2C%22journey%22%3A%22%2Fnfl-ticket-sweepstakes.html%22%2C%22landing_page%22%3A%22https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html%22%2C%22ga_measurement_id%22%3A%22G-RL28C8SB39%22%2C%22ga_session_id%22%3A%221729696318%22%2C%22g_cid%22%3A%22872197903.1729696318%22%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22gcm_uid%22%3Anull%2C%22invoca_id%22%3A%22i-2fe5a88b-e019-4642-c8d4-e82366ba1931%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22en-CA%22%7D&jsoncallback=json_rr1&
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.167.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-167-46.compute-1.amazonaws.com
Software: Goliath /
Resource Hash: 7671fefe5aa8416b578619d1b005f62f4cd89fe194e9db864b6439d96b52355f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 98
Date: Wed, 23 Oct 2024 15:11:59 GMT
Server: Goliath
processing_time: 15.13167ms

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 109ms
107ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.paycor.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 54EC562ABC554A2FBAC30C09CFDAE311 Ref B: YMQ01EDGE0416 Ref C: 2024-10-23T15:11:59Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYlJk6rxQBg4jS/eEVnVw==
x-li-proto: http/2
access-control-allow-origin: https://go.paycor.com
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT
vary: Origin

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
327 B 53ms
51ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=8f76337e4b614f629cc8a6d03917f372&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.10.17

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D132) /

Resource Hash

0a9f74959f38176c483816a78c3b4b4c54112f4a42ed493aaf8e72c0db398406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: private, must-revalidate, max-age=21600
content-encoding: gzip
etag: C39AD453
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 220
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: ECS (nyd/D132)

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
416 B 117ms
51ms XHR
text/html 2600:9000:2511:5400:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=eIjgJmNZzF1Q5lizt3qQ0j3cHh8J5QCrBQs7R0iIbFddyk2heErECw==&api-version=v3
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5400:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 52759
x-cache: Hit from cloudfront
x-amz-cf-id: GzIS8Cy40BFCpoxYhsFTQ4ZFl9xTgp2HqJsOG2xaItfHkBnQh1WvDA==
date: Wed, 23 Oct 2024 00:32:40 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: JFK50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 0
bat.bing.com/action/ 0
361 B 43ms
41ms Image
text/plain 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511164&tm=gtm002&Ver=2&mid=30209844-8c88-4ca1-b8de-e3972d67af1d&bo=1&sid=2631cee0915111efaa177f56bfebe49a&vid=26321180915111efa59a23552e51da4a&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Meet%20with%20Paycor%20Today&p=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&r=&lt=578&evt=pageLoad&sv=1&cdb=AQAQ&rn=349051

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 729F5A332D864EF897C2825A57FD94F7 Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:59Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT

GET
H2 200 u
cdn.bizible.com/ 43 B
86 B 29ms
28ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A003-JWW-697%26token%3A_mch-paycor.com-1729696318280-94005&_biz_u=8f76337e4b614f629cc8a6d03917f372&_biz_l=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&_biz_t=1729696319009&_biz_i=Meet%20with%20Paycor%20Today&_biz_n=1&rnd=944525&cdn_o=a&_biz_z=1729696319118

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D12D) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSub
cache-control: no-cache, no-store
pragma: no-cache
age: 410195
expires: -1
accept-ranges: bytes
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 43
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: Image/GIF
last-modified: Fri, 18 Oct 2024 21:15:24 GMT
server: ECS (nyd/D12D)

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 72ms
72ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944830538&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ558V

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

53c42422910dbb0335b749c57e38c52af2db78db162fe4b893e45d8d9151f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 15:11:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99561
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 80c01962f03a2508878ddeedfe0fea7e62245f5dd79fd8724596c04515aaf847 Show response
capig.paycor.com/events/ 0
314 B 48ms
43ms XHR
text/plain 2600:1f16:19a4:102:edbb:8c6b:d27b:1918
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.paycor.com/events/80c01962f03a2508878ddeedfe0fea7e62245f5dd79fd8724596c04515aaf847
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:19a4:102:edbb:8c6b:d27b:1918 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:11:59 GMT
vary: origin
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 30ms
24ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658281131098209&ev=CHEQ&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&rl=&if=false&ts=1729696319125&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=4126&fbp=fb.1.1729696318832.241742857275661676&eid=ob3_plugin-set_26c4997092118690534a717d3f2ecec5f5f9dd27e97ef30ad553f09373838ee7&ler=empty&cdl=API_unavailable&it=1729696318363&coo=false&exp=h2&rqm=GET

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=14, mss=1297, tbw=6599, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
846 B 52ms
48ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1658281131098209&ev=CHEQ&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&rl=&if=false&ts=1729696319125&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=4126&fbp=fb.1.1729696318832.241742857275661676&eid=ob3_plugin-set_26c4997092118690534a717d3f2ecec5f5f9dd27e97ef30ad553f09373838ee7&ler=empty&cdl=API_unavailable&it=1729696318363&coo=false&exp=h2&rqm=FGET

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428989122737798711"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 89v3jtTkvOcOR95cPRh4TpLnJ9u7xVTaPKs3Fyid7VqHjzxzv6nEcPmv2Bd+fmqeodVxyQ1GKPN7PQ2VJMq2aQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428989122737798711", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=6745, tp=-1, tpl=-1, uplat=24, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 204 0
bat.bing.com/action/ 0
238 B 43ms
40ms Image
text/plain 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511164&tm=gtm002&Ver=2&mid=30209844-8c88-4ca1-b8de-e3972d67af1d&bo=2&sid=2631cee0915111efaa177f56bfebe49a&vid=26321180915111efa59a23552e51da4a&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=583920

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 06BA842B8DF34539BA33C15384041B19 Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:59Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/944830538/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIx...
https://www.google.ca/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJ...

42 B
64 B

65ms
65ms

Image
image/gif

142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJm09eSkiQMVcQpoCB395C-qMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20v&is_vtc=1&cid=CAQSKQDpaXnfhioe2RHfogKUJOk2CVKeG-AomLgOkTozdxniQUh4I2JtXPCf&random=2694079061&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/944830538/?label=2-KlCJmi_9MZEMrww8ID&guid=ON&script=0&ct_cookie_present=false&random=1413875483&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIxJm09eSkiQMVcQpoCB395C-qMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20v&is_vtc=1&cid=CAQSKQDpaXnfhioe2RHfogKUJOk2CVKeG-AomLgOkTozdxniQUh4I2JtXPCf&random=2694079061&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tc_imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 40ms
37ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e7c13cec448b949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d138f6b3b19501a0ca1bfea87204f86d188002b371af62e7607d13eda629300625670975a0959630c5b92e83e5d79b06da277d35bf2953bf7586aaf0d2d7011da55ec4cf99fd1d837b12807ff74c0a8556d84043143714e99d60266e76ebda395b60f1eea1cd1f32be233a7348e09d95971b1281bf9045e6c2dca423eda86e2b12fff35e500b315f7576102f9976b2c5c2f0bfe3ccd821cf3032bfb95a13a360246abfa3230d7d9074b3a33245450f8973c132545fba71c668da8f53090fe5b6c1d3cc8f7f3c5da2ea1d8dd5df5559a4a22708fbddba7fc2694dab73a9f310dd0f1cf781d12f1616ca0961067ebdeaf76860efa44b4d64dc55dd7dd21912a3f949a27c477d590b4e185fdbb5d6eb66cbca4e57e0e2afc822ac3eb00ad16195cc8030cd9cd95c3c0f58226873bc599b29a69f87f7233953421829b9f0e6990ee74eb59b4dd0d8670ac6c4f47149467ee569287af3fe0c719e45ca9cfdc9b3fdd17047afe1e4c0030096ec0a864a455d3dcc77ce5de2bbd91269adaa9ff7788a3b14d747fc8a71e48d8a3025f01e2e7ef38b63088b44ef3f279e30ffc68c00d906d83ba36d51220e6af9b61363f631d2b0c5e1eace88a6fd30aa5595c157b8be8168ac65c75aaaad5a8bd72c3eae6f580f1a9f24a4734f84598b45d6f84476713d2645f7669f07dae701ec4f9dd71c83cc52fe0a82fc4a40e9b7d132020027c1380c1e4db3c78499b184595d4c5bab0ca500482adbe7595d36e78dfdb0e2168fa93c54b27b726e8438d4ea666cf00d19656a4e62ef0d8cd8bcc5568b1a5673f9e64e2c8e9ff049632714a59887a0110e7b155e48108d8dbdf9146c7879b215a6603ef41f456fb11ebde37f46714781e646f75e0469cd56617ab65c3a4fc29cb8f10dd6679ae0d6e6cc2bd931850ed72fc92029a5a731240bc273eddec8439d95d3f86974ce28c88bd9248d95e5c3e07ad3476108e9a0c40a865b1abd327d196b052416ef329320205c91557e085fc4152e922038fc8d41a908aeddd5374eb6cf85227&cri=hX1Qi4Am4L&ts=207&cb=1729696319143
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Wed, 23 Oct 2024 15:11:59 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
285 B 30ms
30ms XHR
text/plain 52.45.216.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=Qj_LCZmHF4CpXTmVPFE52w&is_js=true&landing_url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&t=Meet%20with%20Paycor%20Today&tip=Ztf7ItG7hfXH3W9hCeaKwbtT2bdee3bifQd8T23pvBA&host=https%3A%2F%2Fgo.paycor.com&sa_conv_data_css_value=%270-a2b16bcd-fd59-5f96-585f-b23182920362%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a2b16bcdfd595f96585fb23182920362a772d167&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgvqTkuAYwAToEQiu0oEIEXTfHkw.E7f68wxK2Jsp%252F1mQmEyaF%252FU7OuYF%252BiicGJ90YjQEFUM&sa-user-id-v2=s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo&sa-user-id=s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-216-149.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://go.paycor.com
content-length: 94
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 15323291.js Show response
bat.bing.com/p/action/ 370 B
394 B 41ms
41ms Script
application/javascript 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15323291.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB131EF7147045559304DBE7105F8410 Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:59Z
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 204 clock
tracking.crazyegg.com/ Frame 0
0 157ms
60ms Preflight 18.116.104.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?u=634307&st=412903&t=1729696319171&tk=8e5cdfca0495759aac2a9671d575c242
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.104.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-104-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go.paycor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
server: awselb/2.0
vary: Access-Control-Request-Headers, Origin, Access-Control-Request-Method

POST
H2 200 clock Show response
tracking.crazyegg.com/ Frame 9345 41 B
147 B 71ms
69ms XHR
text/plain 18.116.104.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?u=634307&st=412903&t=1729696319171&tk=8e5cdfca0495759aac2a9671d575c242
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2780555e46c3031ae97407e9c52b4705.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.104.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-104-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a9313ebfd90c3c362427d3fab8ae608f94556f7c9d7255871fc24a0f567b2e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

cache-control: no-store
access-control-allow-origin: *
content-length: 41
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/plain
server: awselb/2.0

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 391ms
96ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-RL28C8SB39&ga_client_id=872197903.1729696318&shpt=Meet%20with%20Paycor%20Today&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-RL28C8SB39%22%2C%22ga_client_id%22%3A%22872197903.1729696318%22%2C%22shpt%22%3A%22Meet%20with%20Paycor%20Today%22%2C%22dcm_cid%22%3A%221729696318.1%22%2C%22mntnis%22%3A%22jXApKJNwHlrM9V%2BlCfvQrmv%2Bn7fz2wC5%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1729696318.1&available_ga=%5B%7B%22id%22%3A%22G-RL28C8SB39%22%2C%22sess_id%22%3A%221729696318%22%7D%5D&hardcoded_ga=G-RL28C8SB39&dxver=4.0.0&shaid=32852&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32852&tdr=&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5426b345da7f7eb985c28c3461c02306d9e0fae4d1918021c651c426c6eae700

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

GET
H2 204 0
bat.bing.com/action/ 0
121 B 41ms
39ms Image
text/plain 2620:1ec:33:2::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15323291&Ver=2&mid=578c558a-6e87-44d2-bdec-b4019f0eea3f&bo=1&sid=2631cee0915111efaa177f56bfebe49a&vid=26321180915111efa59a23552e51da4a&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Meet%20with%20Paycor%20Today&p=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&r=&lt=578&evt=pageLoad&sv=1&cdb=AQAQ&rn=715028

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3502D15918DF4FF0B15E062E59191025 Ref B: BL2AA2010203025 Ref C: 2024-10-23T15:11:59Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 15:11:58 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/ 5 KB
2 KB 51ms
50ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?random=1729696319303&cv=11&fst=1729696319303&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944830538&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

7715b903698c24eace8dd3aa182c3e123756f9c85ed26a619265c717efe3752d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2371
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 944830538
td.doubleclick.net/td/rul/ Frame A869 0
0 53ms
52ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/944830538?random=1729696319303&cv=11&fst=1729696319303&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944830538&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/944830538/ 5 KB
3 KB 54ms
54ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944830538/?random=1729696319355&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944830538&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

798496dbab04f947d90c5fc70f55dadb837fc294ade6c10fcc91af59e50b3120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2660
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 944830538
td.doubleclick.net/td/rul/ Frame 37BB 0
0 52ms
52ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/944830538?random=1729696319355&cv=11&fst=1729696319355&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944830538&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 15:11:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/944830538/ 42 B
64 B 47ms
46ms Image
image/gif 142.250.64.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944830538/?random=1729696319303&cv=11&fst=1729695600000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfrb3g5PEDHE-82S34LfYWTwwifB1ZXiqB0x5apvJH0WL1d5gK&random=3809501815&rmt_tld=0&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/944830538/ 42 B
64 B 49ms
48ms Image
image/gif 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/944830538/?random=1729696319303&cv=11&fst=1729695600000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfrb3g5PEDHE-82S34LfYWTwwifB1ZXiqB0x5apvJH0WL1d5gK&random=3809501815&rmt_tld=1&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 51c1d44ef02049b8bd6c7c412b7622d1.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
31 KB 40ms
40ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/51c1d44ef02049b8bd6c7c412b7622d1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea2a1c44caddb672fad2f2cf72e8b828cd2e1ddb099f10b7f72f1f93121d945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 7750
cf-ray: 8d72a9ac5bd2abee-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: text/javascript
last-modified: Fri, 11 Oct 2024 16:53:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

/
www.google.ca/pagead/1p-conversion/944830538/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&...
https://www.google.com/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016866...
https://www.google.ca/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=10168668...

42 B
64 B

56ms
55ms

Image
image/gif

142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI7cq-9eSkiQMVyCdoCB0ENAqCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20vQlhDaEVJOEwzaXVBWVFxc0h4b1BpNTlabnlBUkl0QUlYRVI0YkVqOHFacG1DYW1MRUhVbFROYWswYTVPQXZqMXBDRGRVY0U0UlBRcURJbUZMVFJhanJVcUxm&is_vtc=1&cid=CAQSKQDpaXnfbu4q_GFFaBzMhVCr0F5NRYAb_CU9AddAr1P_sXtoDd2e3Nf0&random=4131367073&ipr=y

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/944830538/?random=80073439&cv=11&fst=1729696319355&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v872632945za200zb72782260&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794736~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&label=2-KlCJmi_9MZEMrww8ID&hn=www.googleadservices.com&frm=0&tiba=Meet%20with%20Paycor%20Today&gtm_ee=1&npa=0&pscdl=noapi&auid=1449276670.1729696318&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI7cq-9eSkiQMVyCdoCB0ENAqCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2dvLnBheWNvci5jb20vQlhDaEVJOEwzaXVBWVFxc0h4b1BpNTlabnlBUkl0QUlYRVI0YkVqOHFacG1DYW1MRUhVbFROYWswYTVPQXZqMXBDRGRVY0U0UlBRcURJbUZMVFJhanJVcUxm&is_vtc=1&cid=CAQSKQDpaXnfbu4q_GFFaBzMhVCr0F5NRYAb_CU9AddAr1P_sXtoDd2e3Nf0&random=4131367073&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:11:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 index.js Show response
script.crazyegg.com/scripts/addons/1.0.112/ 897 B
696 B 37ms
36ms Script
application/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/scripts/addons/1.0.112/index.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 7745
cf-ray: 8d72a9acec53abee-YYZ
expires: Thu, 23 Oct 2025 15:11:59 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/javascript;charset=utf-8
last-modified: Mon, 26 Aug 2024 07:41:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 e1135c7f31a16440d5fc9944b7402d81.js Show response
script.crazyegg.com/scripts/addons/thirdparty/ 325 KB
82 KB 40ms
39ms Script
application/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/scripts/addons/thirdparty/e1135c7f31a16440d5fc9944b7402d81.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 7745
cf-ray: 8d72a9ad2ca3abee-YYZ
expires: Thu, 23 Oct 2025 15:11:59 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/javascript;charset=utf-8
last-modified: Mon, 26 Aug 2024 07:41:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 405ms
97ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-RL28C8SB39&ga_client_id=872197903.1729696318&shpt=Meet%20with%20Paycor%20Today&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-RL28C8SB39%22%2C%22ga_client_id%22%3A%22872197903.1729696318%22%2C%22shpt%22%3A%22Meet%20with%20Paycor%20Today%22%2C%22dcm_cid%22%3A%221729696318.1%22%2C%22mntnis%22%3A%22jXApKJNwHlrM9V%2BlCfvQrmv%2Bn7fz2wC5%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1729696318.1&available_ga=%5B%7B%22id%22%3A%22G-RL28C8SB39%22%2C%22sess_id%22%3A%221729696318%22%7D%5D&hardcoded_ga=G-RL28C8SB39&dxver=4.0.0&shaid=32852&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: ee557fc05612343f3d5c8588faa304ba5fadced68ed5aad119801c5f73ecef25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-application-context: application:prod:8080
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 23 Oct 2024 15:11:59 GMT
content-length: 144
content-type: application/javascript;charset=utf-8
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

GET
H3 200 survey.js Show response
script.crazyegg.com/scripts/addons/1.0.112/ 260 KB
69 KB 43ms
42ms Script
application/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/scripts/addons/1.0.112/survey.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ac6bd66b23bd217fdf334d8ea816d348982e7e68a7d87cb07c6b8f4101acb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 7745
expires: Thu, 23 Oct 2025 15:11:59 GMT
cf-polished: origSize=266540
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:11:59 GMT
content-type: application/javascript;charset=utf-8
last-modified: Mon, 26 Aug 2024 07:41:37 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8d72a9adbd2aabee-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 297ms
111ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-RL28C8SB39&ga_client_id=872197903.1729696318&shpt=Meet%20with%20Paycor%20Today&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-RL28C8SB39%22%2C%22ga_client_id%22%3A%22872197903.1729696318%22%2C%22shpt%22%3A%22Meet%20with%20Paycor%20Today%22%2C%22dcm_cid%22%3A%221729696318.1%22%2C%22mntnis%22%3A%22jXApKJNwHlrM9V%2BlCfvQrmv%2Bn7fz2wC5%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1729696318.1&available_ga=%5B%7B%22id%22%3A%22G-RL28C8SB39%22%2C%22sess_id%22%3A%221729696318%22%7D%5D&hardcoded_ga=G-RL28C8SB39&dxver=4.0.0&shaid=32852&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1729696319528567&shguid=f347680e-21f0-392f-a261-7dcbfdb0f417&shgts=1729696319935
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-RL28C8SB39&ga_client_id=872197903.1729696318&shpt=Meet%20with%20Paycor%20Today&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-RL28C8SB39%22%2C%22ga_client_id%22%3A%22872197903.1729696318%22%2C%22shpt%22%3A%22Meet%20with%20Paycor%20Today%22%2C%22dcm_cid%22%3A%221729696318.1%22%2C%22mntnis%22%3A%22jXApKJNwHlrM9V%2BlCfvQrmv%2Bn7fz2wC5%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1729696318.1&available_ga=%5B%7B%22id%22%3A%22G-RL28C8SB39%22%2C%22sess_id%22%3A%221729696318%22%7D%5D&hardcoded_ga=G-RL28C8SB39&dxver=4.0.0&shaid=32852&plh=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&cb=4158082954269271term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 491ac25818a7d740cd3f9a0b6e39509ce307be5b55bee980e93f0edfb43c4cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

transfer-encoding: chunked
content-encoding: gzip
x-envoy-upstream-service-time: 15
connection: close
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date: Wed, 23 Oct 2024 15:12:00 GMT
content-type: application/javascript;charset=utf-8
server: istio-envoy

POST
H2 200 mon Show response
obs.cheqzone.com/ 0
145 B 42ms
40ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/mon
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:12:00 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.cheqzone.com/ 0
16 B 41ms
39ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/mon
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:12:00 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H/1.1

200
OK

tdsync
px.steelhousemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=2673daaf-9151-11ef-bc8e-15590d0e4dd9&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=2673daaf-9151-11ef-bc8e-15590d0e4dd9&gdpr=&gdpr_consent=
https://px.steelhousemedia.com/tdsync?tdid=f467de59-e4f8-4861-971e-78037a0bfdba&shguid=2673daaf-9151-11ef-bc8e-15590d0e4dd9

0
319 B

469ms
171ms

Image
text/plain

54.245.46.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.steelhousemedia.com/tdsync?tdid=f467de59-e4f8-4861-971e-78037a0bfdba&shguid=2673daaf-9151-11ef-bc8e-15590d0e4dd9
Requested by: Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html
Protocol: HTTP/1.1
Server: 54.245.46.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-46-233.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-envoy-upstream-service-time: 77
connection: close
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Oct 2024 15:12:00 GMT
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header

Redirect headers

location: https://px.steelhousemedia.com/tdsync?tdid=f467de59-e4f8-4861-971e-78037a0bfdba&shguid=2673daaf-9151-11ef-bc8e-15590d0e4dd9
content-length: 277
date: Wed, 23 Oct 2024 15:12:00 GMT
server: Kestrel

GET
H2

200

ibs:dpid=903&dpuuid=f467de59-e4f8-4861-971e-78037a0bfdba
dpm.demdex.net/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=tghvfxd&ct=0:czl5olp&fmt=3
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2c5faf07-a303-4313-8a68-c98de8340f97&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=2c5faf07-a303-4313-8a68-c98de8340f97&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://dpm.demdex.net/ibs:dpid=903&dpuuid=f467de59-e4f8-4861-971e-78037a0bfdba

42 B
714 B

41ms
40ms

Image
image/gif

54.92.238.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=f467de59-e4f8-4861-971e-78037a0bfdba

Requested by

Host: go.paycor.com
URL: https://go.paycor.com/nfl-ticket-sweepstakes.html

Protocol

Server

54.92.238.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-92-238-32.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v066-0b72355e9.edge-va6.demdex.com 8 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 3Vs5CcesQMw=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 23 Oct 2024 15:12:00 GMT
content-type: image/gif

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=f467de59-e4f8-4861-971e-78037a0bfdba
content-length: 189
date: Wed, 23 Oct 2024 15:12:00 GMT
server: Kestrel

GET
H2 200 core
js.driftt.com/ Frame D124 0
0 98ms
56ms Document
text/html 18.238.55.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=z4ywmf9vceea&eId=z4ywmf9vceea&region=US&forceShow=false&skipCampaigns=false&sessionId=8094f043-8b87-46ee-823b-20d1a870d132&sessionStarted=1729696320.901&campaignRefreshToken=d417d0fc-0507-4618-a448-3a8b55d42da1&hideController=false&pageLoadStartTime=1729696317666&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729696500000/z4ywmf9vceea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-127.jfk52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 15:12:00 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-amz-cf-id: C7sMtl_Eby_ePkBqFC37ApduDwL31ObEG_L8fbTjpCNTkFPA3ZepnQ==
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H2 200 chat
js.driftt.com/core/ Frame 7030 0
0 82ms
45ms Document
text/html 18.238.55.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729696317666

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729696500000/z4ywmf9vceea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-127.jfk52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 15:12:00 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-amz-cf-id: hON7YFlMNgBmMe-HhKfbXKJZvApU6AxP41oTwuEi8CGvib72uNHz4g==
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 26

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 64ms
64ms Script
application/javascript 23.56.163.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "16d5d552603d86726ae439fc61299d42"
x-cdn: akamai
quic-version: 0x00000001
alt-svc: h3=":443"; ma=600
content-length: 2114
date: Wed, 23 Oct 2024 15:12:00 GMT
akamai-grn: 0.6f24c317.1729696320.126abd02
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 01C9 0
0 103ms
40ms Document
text/html 23.56.163.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://go.paycor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.6f24c317.1729696321.126abe1c
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 15:12:01 GMT
pinterest-version: 4c367255c34ed9223ef8c37450ea65abc9db1e3c
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1313048175941999
x-pinterest-rid-128bit: b6dd5f68425484a8b638d79787f97ff1

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 53ms
52ms Image
text/html 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=728802134&rv=4ah0&tag_exp=101686685~101794736~101823848&u=AAAAAAAIAAAAACAgCAAAAABA&ut=Ag&h=Ag&gtm=45be4ah0v872632945za200zb72782260&ccid=72632945&cid=AW-944830538&l=L192.S81.B75.E1655.I576.EC9.TC9.HTC0~gtm.init.S1.V0.E81.TS5ogt1pdatav2.TI4.TE2.TS5ccdadslast.TI6.TE0.TS5ccdadd1pdata.TI7.TE0.TS5ccdadd1pdata.TI8.TE0.TS5ccdemform.TI9.TE1.TS5ccdpreautopii.TI10.TE0.TS5ogtadsdatatos.TI11.TE0.TS5ccdadsfirst.TI12.TE0~gtm.js.S0.V0.E72.TS5rep.TI1.TE0~gtm.dom.S0.V0.E67~*.S0.V0.E66~*.S0.V0.E66~*~*.S0.V0.E10~gtm.load.S0.V0.E2~gtm.init_consent.S3.V2.E82~AWCT1629.1665

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 23 Oct 2024 15:12:00 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 favicon-f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f.ico
d1p0q2ti3pe3kr.cloudfront.net/assets/icons/ 1 KB
2 KB 109ms
26ms Other
image/vnd.microsoft.icon 2600:9000:21dd:ca00:1f:5843:a6c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p0q2ti3pe3kr.cloudfront.net/assets/icons/favicon-f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ca00:1f:5843:a6c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31557600
etag: "09bebe4063f3117b2c3b9c7ce1dd71e7"
age: 23958182
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
expires: Fri, 12 Jan 2018 22:42:42 GMT
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1150
x-amz-cf-id: ninYEzIfEmJ5O4gcjXJaKIabtehHENM-hvkzHIFYFOG7mdWJpb_GwQ==
date: Sat, 20 Jan 2024 08:09:00 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 12 Jan 2017 16:41:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2

GET
H2 200 favicon-f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f.ico
d1p0q2ti3pe3kr.cloudfront.net/assets/icons/ 1 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 2600:9000:21dd:ca00:1f:5843:a6c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p0q2ti3pe3kr.cloudfront.net/assets/icons/favicon-f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ca00:1f:5843:a6c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

cache-control: public, max-age=31557600
etag: "09bebe4063f3117b2c3b9c7ce1dd71e7"
age: 23958182
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
expires: Fri, 12 Jan 2018 22:42:42 GMT
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1150
x-amz-cf-id: ninYEzIfEmJ5O4gcjXJaKIabtehHENM-hvkzHIFYFOG7mdWJpb_GwQ==
date: Sat, 20 Jan 2024 08:09:00 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 12 Jan 2017 16:41:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2

GET
H2 200 ip.json Show response
api.company-target.com/api/v3/ 465 B
1015 B 115ms
65ms Fetch
application/json 13.226.34.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?auth=demandbase_U8suSxauj2pCiYOUuaotJJE2Uh3A0DBsyIpFvdi5&page=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&page_title=Meet%20with%20Paycor%20Today&referrer=

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729696500000/z4ywmf9vceea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-111.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ee98439c11ee9f2eaece7971d414049ec4089f484c21bef2c3145533592098ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: d23d73d0-0085-46c1-9e4b-074941895feb
expires: Tue, 22 Oct 2024 15:12:01 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: k6JTBTRppE9IiwSTMzlLqW47gbYY4XIIAtVyunA3ebhfl9qpa0islA==
date: Wed, 23 Oct 2024 15:12:01 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
access-control-allow-origin: https://go.paycor.com
x-amz-cf-pop: EWR53-C2
server: nginx

POST
H2 200 mon Show response
obs.cheqzone.com/ 0
39 B 40ms
38ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/mon
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:12:02 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H2 200 3.ee35dea2.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
852 B 28ms
28ms Script
application/javascript 18.238.55.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/3.ee35dea2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729696500000/z4ywmf9vceea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-127.jfk52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.paycor.com/

Response headers

x-amz-version-id: rYV3Tk3yEytdzde9thJ_AN9ul6xSrvB.
etag: "e6714addd36102488fb27a980401fd36"
age: 2902125
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: MV9_5bSSrzCZmC0rAbypVdqIPewvA5ai8ryxWxhJZRuP-sr0TxRHdA==
date: Fri, 20 Sep 2024 01:03:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 14:51:22 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-envoy-upstream-service-time: 15
access-control-allow-credentials: true
via: 1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 158
x-amz-cf-pop: JFK52-P4
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 206 notification.5f7c6014.mp3
js.driftt.com/conductor/assets/media/ 8 KB
8 KB 26ms
25ms Media
audio/mpeg 18.238.55.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-127.jfk52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.paycor.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: piQRg_cGHlFbiywBVJF7IKII4lLsz0a_
etag: "5f7c6014cf73831f91963a668b71fbb9"
age: 3315385
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: 8npZN2ZbwEIetTOher2ujPt1RBobokpPspR5UgTpCAKXl10ZxwVFAg==
date: Sat, 05 Oct 2024 06:25:38 GMT
content-type: audio/mpeg
last-modified: Thu, 05 Oct 2023 15:35:50 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-envoy-upstream-service-time: 39
access-control-allow-credentials: true
Content-Range: bytes 0-7754/7755
via: 1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 7755
x-amz-cf-pop: JFK52-P4
server: istio-envoy
x-amz-server-side-encryption: AES256

POST
H2 200 mon Show response
obs.cheqzone.com/ 0
39 B 40ms
38ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/mon
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:12:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 204 collect
analytics.google.com/g/ 0
0 41ms
38ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RL28C8SB39&gtm=45je4ah0v889089799za200zb72782260&_p=1729696317695&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101686685~101823847&cid=872197903.1729696318&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1729696318&sct=1&seg=0&dl=https%3A%2F%2Fgo.paycor.com%2Fnfl-ticket-sweepstakes.html&dt=Meet%20with%20Paycor%20Today&_s=2&tfd=6613
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RL28C8SB39&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://go.paycor.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.paycor.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:12:04 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 mon Show response
obs.cheqzone.com/ 0
39 B 40ms
38ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/mon
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://go.paycor.com/

Response headers

access-control-allow-origin: https://go.paycor.com
content-length: 0
date: Wed, 23 Oct 2024 15:12:04 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: okt.to
URL: https://okt.to/ping?uri=%2Fnfl-ticket-sweepstakes.html&aid=001f0ag3s13uc2r&ts=1729696318933

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.paycor.com/events/80c01962f03a2508878ddeedfe0fea7e62245f5dd79fd8724596c04515aaf847	1970-01-21 02:37:52	Name: cee Value: pWw%2B7QK1ZL9h4dJPVCyozBNMcSywWoR89AST1WXC5Ew%3D.%7B%7D
go.paycor.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !+tR4/N7XI7rsfoKwZJ6CmE6tjLF6/22QCUDTf4VskNcE9kinZ5FBgDfSygOBOkCzMciTpyV2tPNvL3k=
.go.paycor.com/	1970-01-21 00:28:18	Name: __cf_bm Value: e6cXJleG.Krpnxa8EQFQI4XJY1wYigNuDj3ugNFFHJU-1729696317-1.0.1.1-_4sVoAkVRjYhqbskQQmNrpoFuKl8pQR4AhDLs3.7HC5ryusTyYzknv45uW3GYOz69s3I65tQ4uHgXqHPuGwAtQ
.calendly.com/	1969-12-31 23:59:59	Name: _cfuvid Value: zZJk5MSR1vUhlbsv3GiskU6h6plynXRav4ElM.qFTy0-1729696317806-0.0.1.1-604800000
.paycor.com/	1970-01-21 02:37:52	Name: _gcl_au Value: 1.1.1449276670.1729696318
.paycor.com/	1970-01-21 10:04:16	Name: _mkto_trk Value: id:003-JWW-697&token:_mch-paycor.com-1729696318280-94005
.paycor.com/	1970-01-21 10:04:16	Name: _ga Value: GA1.1.872197903.1729696318
tags.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id Value: s%3A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%2FnUUdvQbtnS6E0OP2Fmz54
.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id Value: s%3A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%2FnUUdvQbtnS6E0OP2Fmz54
tags.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id-v2 Value: s%3AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id-v2 Value: s%3AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
tags.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id-v3 Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgvqTkuAYwAToEQiu0oEIEXTfHkw.E7f68wxK2Jsp%2F1mQmEyaF%2FU7OuYF%2BiicGJ90YjQEFUM
.srv.stackadapt.com/	1970-01-21 09:13:52	Name: sa-user-id-v3 Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgvqTkuAYwAToEQiu0oEIEXTfHkw.E7f68wxK2Jsp%2F1mQmEyaF%2FU7OuYF%2BiicGJ90YjQEFUM
.ws.zoominfo.com/	1970-01-21 09:13:52	Name: visitorId Value: 82165c2aa53c55654960e117db8a3dc0557577018d7acf501388f47b5841456a
.zoominfo.com/	1970-01-21 00:28:18	Name: __cf_bm Value: bYreKUjPUkxrMyRJmUab884esGypM_Xh_wLOPYYiKLY-1729696318-1.0.1.1-kK7JZnEm7h.UYDrRAqmUKzs8Gtf3yG42RmdIgSin9igiFI0.vWjDkPVCj1NP_Z4RMan1Uu_xhRCSnTzZqJWI8A
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Y1KQIB35Dihy_LfyeLn9a0NsGAm56AJfSxdSzN7LZes-1729696318516-0.0.1.1-604800000
.g2crowd.com/	1970-01-21 00:28:18	Name: __cf_bm Value: qLXg1ljygv.CHD.F_0fnkwVZEnipAN2lbDZFrrB4FkQ-1729696318-1.0.1.1-envfS4.IIrYqrTDbg.rEA2MN8YZipvWzaOo_V7p3ovUEukImqQzfbFHK7uRctqmVRoc5lyE6MO8uXTztc0g3dQ
.t.co/	1970-01-21 10:04:16	Name: muc_ads Value: daba9686-0187-4fd7-b715-75924af6676f
.t.co/	1970-01-21 00:28:18	Name: __cf_bm Value: FrOQoEtiM5mk7P3S7YSfqvfNKFPNrD9BTxTMe0wDGN0-1729696318-1.0.1.1-PDF4AoPNHiHKadj2hdUSz20sS4V.TWEeyaxSgPSO0dXYU96UdI2xa4TLrjP8X_CxHss4Wrn8HuIunxn75IIunQ
.amazon-adsystem.com/	1970-01-21 06:29:42	Name: ad-id Value: AzoBlKAEwEA0ni_AgFZgjyw
.amazon-adsystem.com/	1970-01-21 10:04:16	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-21 01:11:28	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 10:04:16	Name: IDE Value: AHWqTUm-yDzcObZ_6XIMBbvSt9uPGGDSWY-Qbs1O0EtTRZ9t2oPbsfkcK829ZceR
.twitter.com/	1970-01-21 10:04:16	Name: personalization_id Value: "v1_9GU5phKf669jwcqhdmj1tw=="
.linkedin.com/	1970-01-21 09:13:52	Name: bcookie Value: "v=2&11d77480-9e88-4df5-8dd5-6fd1e2bc9971"
.linkedin.com/	1970-01-21 04:47:28	Name: li_gc Value: MTswOzE3Mjk2OTYzMTg7MjswMjENFoYgrsNbFEmB/w9AeHqIBf3uA4JrADEgtDhTB6MCJQ==
.linkedin.com/	1970-01-21 00:29:42	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3380:u=1:x=1:i=1729696318:t=1729782718:v=2:sig=AQEShbdvspKZBOGQVEktQEonGPOM9Y3R"
.paycor.com/	1970-01-21 02:37:52	Name: _fbp Value: fb.1.1729696318832.241742857275661676
go.paycor.com/	1970-01-21 09:13:52	Name: __pdst Value: e41d9a6db6ee4ffbb5eb5fd2b0c9d6e6
go.paycor.com/	1970-01-21 09:13:52	Name: sa-user-id Value: s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54
go.paycor.com/	1970-01-21 09:13:52	Name: sa-user-id-v2 Value: s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
go.paycor.com/	1970-01-21 09:13:52	Name: sa-user-id-v3 Value: s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgvqTkuAYwAToEQiu0oEIEXTfHkw.E7f68wxK2Jsp%252F1mQmEyaF%252FU7OuYF%252BiicGJ90YjQEFUM
.doubleclick.net/	1970-01-21 04:47:28	Name: receive-cookie-deprecation Value: 1
.company-target.com/	1970-01-21 10:04:16	Name: tuuid Value: 6314b5e7-9415-40f4-9b29-7d6bcf036162
.company-target.com/	1970-01-21 10:04:16	Name: tuuid_lu Value: 1729696318\|ix:0\|mctv:0\|rp:0
.go.paycor.com/	1970-01-21 09:13:52	Name: _pin_unauth Value: dWlkPU5XSTBPVGcwTkRBdFpqazBNaTAwWXpCbUxXRXlNVFF0TkdFellqUTVZekE0TURrMQ
.paycor.com/	1970-01-21 09:13:52	Name: _biz_uid Value: 8f76337e4b614f629cc8a6d03917f372
.paycor.com/	1970-01-21 09:13:52	Name: _biz_nA Value: 2
.bizible.com/	1970-01-21 09:13:52	Name: _BUID Value: 8f76337e4b614f629cc8a6d03917f372
.bizibly.com/	1970-01-21 09:13:52	Name: _BUID Value: 663f0ba6132853d1e7bd92dc3e279e1f
.rlcdn.com/	1970-01-21 09:13:52	Name: rlas3 Value: 0PKuPzctX3m9H0lMbe2fDp5OnXX+HO0vtZD+i43paQ8=
.rlcdn.com/	1970-01-21 01:54:40	Name: pxrc Value: CL+k5LgGEgUI6AcQABIGCMrdKhAA
.quantserve.com/	1970-01-21 09:58:30	Name: mc Value: 6719123f-0c655-fd3e5-aaee6
.pinterest.com/	1970-01-21 09:13:52	Name: ar_debug Value: 1
obs.cheqzone.com/	1970-01-21 08:32:06	Name: cg_uuid Value: e64b177818f13f550d4bcc4896f84dfe
.casalemedia.com/	1970-01-21 09:13:52	Name: CMID Value: ZxkSP9HM6UgAAEThACZVYQAA
.casalemedia.com/	1970-01-21 02:37:52	Name: CMPS Value: 3500
.casalemedia.com/	1970-01-21 02:37:52	Name: CMPRO Value: 3500
.tremorhub.com/	1970-01-21 09:14:13	Name: tvid Value: ca813f9a8e3245e0accfb8ba06978bc1
.tremorhub.com/	1970-01-21 10:04:16	Name: tv_UIDM Value: 6314b5e7-9415-40f4-9b29-7d6bcf036162
.rubiconproject.com/	1970-01-21 09:13:52	Name: audit_p Value: 1\|pZxX9VXXArOeKV9LnsBaJxfp347cBx9Vrylto4WiwG07wCFCn6f3es9r/ZT/Qqu4VVW7CC2aGFYwHTRO1/p4iJLoYn4tEwhGUVHG4ZjHcr0KsPsaXjknFgW8xe5UttdPKSqUTe5de9QwWsoGYYAB/hxguyga3/xBVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/	1970-01-21 09:13:52	Name: khaos Value: M2M0J1JD-1T-9WCI
.rubiconproject.com/	1970-01-21 09:13:52	Name: khaos_p Value: M2M0J1JD-1T-9WCI
.rubiconproject.com/	1970-01-21 09:13:52	Name: audit Value: 1\|pZxX9VXXArOeKV9LnsBaJxfp347cBx9Vrylto4WiwG07wCFCn6f3es9r/ZT/Qqu4VVW7CC2aGFYwHTRO1/p4iJLoYn4tEwhGUVHG4ZjHcr0KsPsaXjknFgW8xe5UttdPKSqUTe5de9QwWsoGYYAB/hxguyga3/xBVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/	1970-01-21 02:37:52	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 09:49:52	Name: MUID Value: 2E4C5922ECA961A420344C03ED25607D
.bat.bing.com/	1970-01-21 00:38:21	Name: MR Value: 0
.paycor.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.paycor.com/	1970-01-21 09:13:52	Name: _biz_pendingA Value: %5B%5D
.paycor.com/	1970-01-21 09:13:52	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.bing.com/	1970-01-21 09:49:52	Name: MSPTC Value: JK9qQpY4ySPP7jwFzjbLoJQUTj0YduPOtpvPltiQbLg
.paycor.com/	1970-01-21 00:29:42	Name: _uetsid Value: 2631cee0915111efaa177f56bfebe49a
.paycor.com/	1970-01-21 09:49:52	Name: _uetvid Value: 26321180915111efa59a23552e51da4a
.paycor.com/	1970-01-21 09:52:45	Name: __qca Value: P0-234378685-1729696318677
.technologyadvice.com/	1970-01-21 09:13:52	Name: ta-vid Value: 1789f505-a3c9-4090-8195-dcece1c78214
.paycor.com/	1970-01-21 00:29:42	Name: _ce.clock_data Value: 45%2C167.114.209.103%2C1%2Ce70c069864ec1ceef7523c2cc9b41fcd%2CChrome%2CCA
.paycor.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.paycor.com/	1970-01-21 09:13:52	Name: _ce.s Value: v~6c815fb7b874902dcc0097e85d36e982df614db0~lcw~1729696319412~vir~new~lva~1729696319165~vpv~0~as~false~v11.cs~412903~v11.s~2661d920-9151-11ef-8f70-ff43f8f2cf6e~lcw~1729696319414
.mountain.com/	1970-01-21 09:13:52	Name: guid Value: 2673daaf-9151-11ef-bc8e-15590d0e4dd9
.px.mountain.com/	1970-01-21 09:13:52	Name: tt Value: H4sIAAAAAAAAAKtW8guKNzayMDWKNzK3NFayMtBRKlOyMtJRggpaGFsoWRmaG1maWZoZGxkYGQEVILSAZQ1qAWwhKJRGAAAA
.mountain.com/	1970-01-21 09:13:52	Name: rt Value: "MzI4NTI6MTcyOTY5NjMyMA=="
.adsrvr.org/	1970-01-21 09:13:52	Name: TDID Value: f467de59-e4f8-4861-971e-78037a0bfdba
.demdex.net/	1970-01-21 04:47:28	Name: demdex Value: 22469492970273701692760012045822074329
.dpm.demdex.net/	1970-01-21 04:47:28	Name: dpm Value: 22469492970273701692760012045822074329
.adsrvr.org/	1970-01-21 09:13:52	Name: TDCPM Value: CAESEgoDYWFtEgsIhICNueLfuT0QBRgFIAIoAjILCLidoeT437k9EAU4AQ..
go.paycor.com/	1970-01-21 00:28:18	Name: drift_campaign_refresh Value: d417d0fc-0507-4618-a448-3a8b55d42da1
.paycor.com/	1970-01-21 10:04:16	Name: invoca_session Value: %7B%22ttl%22%3A%222024-10-30T15%3A12%3A01.143Z%22%2C%22session%22%3A%7B%22invoca_id%22%3A%22i-2fe5a88b-e019-4642-c8d4-e82366ba1931%22%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Afalse%2C%22rn%22%3Afalse%7D%7D
go.paycor.com/	1970-01-21 10:04:16	Name: drift_aid Value: 0863e735-0c47-491c-bc40-d2c531f1c3e6
go.paycor.com/	1970-01-21 10:04:16	Name: driftt_aid Value: 0863e735-0c47-491c-bc40-d2c531f1c3e6
.paycor.com/	1970-01-21 10:04:16	Name: _ga_RL28C8SB39 Value: GS1.1.1729696318.1.0.1729696322.56.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://go.paycor.com/nfl-ticket-sweepstakes.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D0004260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

003-jww-697.mktoresp.com
9675597.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
analytics.twitter.com
api.company-target.com
arttrk.com
assets.calendly.com
bat.bing.com
c.amazon-adsystem.com
capig.paycor.com
cdn.bizible.com
cdn.bizibly.com
cdn.jsdelivr.net
cdn.pdst.fm
cdnjs.cloudflare.com
client-registry.mutinycdn.com
code.jquery.com
connect.facebook.net
ct.pinterest.com
d1p0q2ti3pe3kr.cloudfront.net
dpm.demdex.net
dx.mountain.com
go.paycor.com
googleads.g.doubleclick.net
gs.mountain.com
id.rlcdn.com
insight.adsrvr.org
js.driftt.com
ka-f.fontawesome.com
kit.fontawesome.com
link.technologyadvice.com
match.adsrvr.org
munchkin.marketo.net
ob.cheqzone.com
obs.cheqzone.com
okt.to
pixel-ssn.quantserve.com
pixel.quantserve.com
pixels.spotify.com
pnapi.invoca.net
px.ads.linkedin.com
px.mountain.com
px.steelhousemedia.com
px4.ads.linkedin.com
res.cloudinary.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.pinimg.com
script.crazyegg.com
secure.quantserve.com
segments.company-target.com
snap.licdn.com
solutions.invocacdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.oktopost.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
tags.srv.stackadapt.com
td.doubleclick.net
tracking.crazyegg.com
tracking.g2crowd.com
tvspix.com
unpkg.com
visitor.technologyadvice.com
ws.zoominfo.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
okt.to
104.16.117.43
104.17.25.14
104.17.72.206
104.18.11.207
104.19.148.8
104.244.42.67
108.138.115.149
13.107.42.14
13.226.34.111
13.226.94.12
142.250.64.68
142.250.64.99
142.250.80.102
142.250.81.232
142.251.40.130
142.251.41.2
146.75.28.157
151.101.1.91
151.101.65.91
152.199.2.76
157.240.241.1
172.217.165.134
172.66.0.227
172.67.139.119
18.116.104.186
18.164.124.2
18.173.219.88
18.238.49.70
18.238.55.127
192.184.68.254
192.28.144.124
2001:4860:4802:34::181
23.56.163.34
2600:141b:1c00:2588::523
2600:141b:1c00:6::17df:d10e
2600:1901:1:7c5::
2600:1f16:19a4:102:edbb:8c6b:d27b:1918
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:21dd:6200:6:44e3:f8c0:93a1
2600:9000:21dd:ca00:1f:5843:a6c0:21
2600:9000:2511:5400:1d:8d6d:3b40:93a1
2606:4700:4400::6812:2844
2606:4700:4400::6812:29af
2606:4700::6811:f6cb
2606:4700::6812:1eb0
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80f::2008
2607:f8b0:4006:824::2002
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:33:2::10
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:400::649
2a04:4e42:400::84
3.168.122.30
3.33.220.150
34.210.202.206
34.96.71.22
35.244.142.80
35.244.154.8
35.81.162.201
35.81.173.170
50.17.167.46
52.2.105.52
52.223.40.198
52.45.216.149
52.7.151.245
52.71.121.170
52.85.61.96
54.245.46.233
54.92.238.32
69.192.29.241
98.82.157.231
0602c4fb1597b7e6e111fe79777e195cacbc73774fcaf233a7835b33372dceae
075040fed49981c136cea722095d5b766881875b5d5a3ca4b11392af03a8db3b
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a9f74959f38176c483816a78c3b4b4c54112f4a42ed493aaf8e72c0db398406
0bf572f97126e4e1871365b297eb9bc7910b490ec7dedfd9b55561660a2285f8
0dc7cfc7ba1b59a31f1e5e6540f7f6ef0abe5e6b24bab356ec510f28b9847ff2
0fd0c5be6344fcce2416b70b0cf3bf1cfd572ca8bcbbc906ebdb2a16b1722844
15ef9082f7e8e7cc7fc3251e2fc8a07cb0d93049f71d33ef09015af80b21db8b
16039d93a15abf7b3a8585cf305b948a25dc918d6564c2c2243a35586ccf4fd7
166f62c7a9aa03e83bd045e8469101d00f6f7dc09549cb4e5f350f128e5a92b8
1746e5c46bfb5a7cfafbb6746a00b34d3e4853c27e071a746e04cced60773357
1785189ae9e7a2caedc7181c14f17fd51fda9b29b0635be7f3099e4aed07a68d
181ce4e83b335254aef5dca885e5e5df6db31d0c2cd52ffa643c5e0ddfecd13b
18585ecbead42a4f77447d13d546e7d371a16f146ee43b715b080f17dddea098
18ed6d9b8f22677990fced560a681264128f473c0544718e6508b8cc2503e6be
1927f317060524a0622e029842ab53fad815b5d108d038db004711ed2973ca27
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
20d632d7bc7799439a1e73ee45971d708d1feaf8c5dcc7e29a9c1ba9816b8cf8
2290b2491ebe848200904256bfe6c23276c108d725b8106f25a49079fff71986
2416aab63062f398a66af3601e5d32db1cb011bedb7418a701fcaa10341d7a58
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
2981575b834ca75d51c580d5be9c6b314da5e0fdd5122fb3de5dd5e32b533a52
29d6b32f545f36a29ab83a4be5f92d4ebfb43a6dcc6457f7681a8478e5e8ea6c
29e36cf7062f5e533a9c29a6c045bf68a75c2e9365d8d9da7cd152fcafb7eb50
2aeed5b3c05c979624808226ba200108245d3065417b983d135ab1346a9e6383
2df5e88fde374e579060ce73f49e849dbacc0705b00d22d8673653571480d856
3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38ee169294a9603ae39d0712235f8480654c34a2a25bdca33cfca36be9cb8d0f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ea2a1c44caddb672fad2f2cf72e8b828cd2e1ddb099f10b7f72f1f93121d945
4246ed1ef7df315f68e9dd4baa08e1fbc8326021af3565f2de2106edc0d3e956
4287001c45173f2be378ba3250ed78c921c4e165d38f2a02fa36aac6ffa25a01
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
43dd8d596db1cd1142b9d1c38283455874c6fa4d62059a687812cdbda152f09d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4498e72f4b8b58343fa475208a5e12460f989572785e65a84967809dc1ad34a6
491ac25818a7d740cd3f9a0b6e39509ce307be5b55bee980e93f0edfb43c4cf4
4a633d1e78480ba635f17d5ea6826af8b1d9b80f7e7d626d517be1a8ffac0f18
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4ebb87cd2f94f39db9a15001137e53f794088d84a57e539bb6bf8c1b5e262f24
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
53c42422910dbb0335b749c57e38c52af2db78db162fe4b893e45d8d9151f73e
5426b345da7f7eb985c28c3461c02306d9e0fae4d1918021c651c426c6eae700
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61917dc4b13b887a30af978c934892e7db4329ba72bbd655635613b537d760e5
629dea3fc8ca3364508e787cddbe7e6a1e0e72071d9ba2ba4539a2c60c8f1dea
65c5364e2b44f6b90096f49946c988e5fb4c890e580b38175106396a14497cc7
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
72070cec790e67d0a805202517453b8853de2088ba633f8ed75635b39b932adb
73414c95065567e930957ff752384bba697461df50952600e780c55f0080aef3
745c7a224abb99d9337983ace6f8906c0619eaf7b4188db5a5a5b396036c1f71
7671fefe5aa8416b578619d1b005f62f4cd89fe194e9db864b6439d96b52355f
7715b903698c24eace8dd3aa182c3e123756f9c85ed26a619265c717efe3752d
78ea38b557e8d6b7de2441e3eaa054ec2db3fc5ad287cdb0f41bf16b85868838
798496dbab04f947d90c5fc70f55dadb837fc294ade6c10fcc91af59e50b3120
7d1011c3d5e8068ea641a20964537fd633feb949d4beb05d9009ef1d95345f88
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
92f211356f06c6c42c98958af7b473d13278660f2e10e8cc9f38662d59d66bb9
9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a
97aa9812d19683036ac220ef2826b9635e3f489f5cf8da75e53580f65485943f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9d3a26f43dcc3cb89fa0062853e3abc6f2130e1eab2814e0a9d53dd0d872fd
9bf3d8359524efadae00cff06c5b4406acf28bdde2d27e1618b6125c83cfa887
9c1861dda6c9144cd64df5c984f62504a586581e894f7d0ead33980d831c55dd
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5f1e29cc96cab38624682668015340219bd25cdb6cfa75af776bbb6edac220e
a9313ebfd90c3c362427d3fab8ae608f94556f7c9d7255871fc24a0f567b2e0b
a9ac6bd66b23bd217fdf334d8ea816d348982e7e68a7d87cb07c6b8f4101acb2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac1619cd018fd734b52a030c05f18127a70c698b409a0207d4b71d93ca646690
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9fab79ccbe41df5380e71a9e05f3dfa711542f0b3dcf676f8939d469aa620a
ad9e4ae8612a4bc1f3e4f8f2bb7b2d46916d3c65d2cfa28d23c5caad64e6cafa
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b31864324cc1d9b0079f4dbe4c3c0b30e1d063e7081f7378a81741d5377a0d70
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b501016faf30130124b195792a33767001cc7de627921aef21ad80eea955473d
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b741f6354ecdefc1ccb56e03a149827d7b128275f9a055c03a2939589dd223c1
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
c10cf21ab41255228edf51a322d3e7ab9c174cf15bd8283cfb5f8580d70dd349
c15cd313c5ecb9116619a7c57f1e43c76e1b0df7a748ae7aa1eae1c1d3a69aa9
c21caabb4273b6f596a86b2a0c44d466efa5840c77d330a813ab6b3b308e5f30
cd36a2fb236fa77d2d4a499c3eeb78d904fab4132cf1d47a6fa7222ae0299623
d3344539a6a3dc6efa15dd2d791ef815dc6e8cb173be46aa4965d72410d0689d
d398f6db2a47e142d69c90d4de72299b08f725a0bda9ca80403a60c2589a585c
d400e0c03ae4d1e6e440230bc576caf1c06a0c9ef9d2c1c7881e2dbad12523d4
d909479887b720688f6be9e77f2dea88b218ce9edb097e728d1d4856fe3b097a
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e26474ab34af92aa853fbf500ef24f7686f3be953699d92f7295e292205fd836
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e740d16c9a7624cbed2ff505ef8f2fb3114ade3dcabc942638369e719df90557
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0
e97882de34ffe397cc4ba1c2badef97e1ea68b791224e02bc7d71963a6b029f1
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
ee557fc05612343f3d5c8588faa304ba5fadced68ed5aad119801c5f73ecef25
ee98439c11ee9f2eaece7971d414049ec4089f484c21bef2c3145533592098ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f778b73ea945fa41e3ee45577832dae9e6e5058f2c96799605c66fd10c5c9f22
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8132340c7be589c4ca35a88d20f6523551542e2cb0611d5bfcea22e71d4023f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7
ffd4a8500bc43a212726e3be57fc96ecf73b71619f9a65d2ddfb851333da6034

go.paycor.com Open in urlscan Pro 104.17.72.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

182 Requests

95 %HTTPS

31 %IPv6

55 Domains

75 Subdomains

72 IPs

2 Countries

2027 kBTransfer

5571 kBSize

80 Cookies

7 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go.paycor.com Open in urlscan Pro
104.17.72.206 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

95 %
HTTPS

31 %
IPv6

55
Domains

75
Subdomains

72
IPs

2
Countries

2027 kB
Transfer

5571 kB
Size

80
Cookies

182 HTTP transactions
0 data transactions