sweepstakes.workmoney.org Open in urlscan Pro
2606:4700:10::ac43:1e28  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://13560696.fls.doubleclick.net/activityi;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsweepstakes.workmoney.org%2F HTTP 302
• https://13560696.fls.doubleclick.net/activityi;dc_pre=CJre6qHBkocDFdsu-QAdXuUMtw;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsweepstakes.workmoney.org%2F

Request Chain 44

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJylP8raVrYfAAAAZCINlTDuWRVpWFKw-0-JabVJRYBOc_WVAkFf_3kTf7rsTm5ZRt80k0n263Ypw

Request Chain 63

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&RedC=c.clarity.ms&MXFR=2A1F397D4380627632C02DC947806C1D HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&MUID=231769E9F57963AA200D7D5DF41262F3

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sweepstakes.workmoney.org/	3 KB 1 KB	334ms 270ms	Document text/html	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bed3870102a9c7fd57b199cbfef542239d79d6c759416603eb71bf452c44b1e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 0 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; fwd=miss cf-cache-status DYNAMIC cf-ray 89efe81e6b571905-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 06 Jul 2024 13:22:59 GMT netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01J243CKW33ST3JQXJ78MNP97H
GET H2	200	optimize.js Show response www.googleoptimize.com/	178 KB 65 KB	110ms 53ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-K7D6LJW Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eddfb462a24be9b9f321714f5015dac5ddc327dc29f552e80f927a57200ef1f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:22:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66002 x-xss-protection 0 last-modified Sat, 06 Jul 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 06 Jul 2024 13:22:59 GMT
GET H2	200	b41d3718263e1549.css sweepstakes.workmoney.org/_next/static/css/	12 KB 4 KB	346ms 346ms	Stylesheet text/css	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/css/b41d3718263e1549.css Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10905c6297591afc67a95dd3a892ba4ff55f6446a839ccbca1072d57db05f1d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMCZH0Y3VGDQXB75K4WG date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"b753839949d71005d231e976011f3a6f-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821cf7b1905-FRA
GET H2	200	webpack-5752944655d749a0.js Show response sweepstakes.workmoney.org/_next/static/chunks/	2 KB 964 B	258ms 257ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/webpack-5752944655d749a0.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMD0QF74C7VVQ9EJPYQH date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"c8a18606880ade0d26472d94c364726d-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821df9c1905-FRA
GET H2	200	framework-5f4595e5518b5600.js Show response sweepstakes.workmoney.org/_next/static/chunks/	127 KB 42 KB	285ms 283ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/framework-5f4595e5518b5600.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CM9Y3CMP74EHMFTS2QGT date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"af3f2059afa1698882c96400fe2e154e-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa01905-FRA
GET H2	200	main-202733b50b7a281d.js Show response sweepstakes.workmoney.org/_next/static/chunks/	104 KB 31 KB	397ms 396ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73bcb7508c99bac0a77bb54596cde75c37dfd8f8981ae9d8171453bfce706429 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMD0NNS6WZHB30A0P5F2 date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status EXPIRED netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"abe75db43dd8d6cfaaf28d07e3c673b1-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa21905-FRA
GET H2	200	_app-3b72858a7198f3d1.js Show response sweepstakes.workmoney.org/_next/static/chunks/pages/	6 KB 3 KB	344ms 343ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/pages/_app-3b72858a7198f3d1.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 162fc699340f8de074ee18011bfcfd8207149566529043d974ee8c4ea8cebb50 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMDQFVZJ5V8Y85AA14HS date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status EXPIRED netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"8e845c5d90d28857dfd0364381010d87-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa31905-FRA
GET H2	200	988-0fa2255148903607.js Show response sweepstakes.workmoney.org/_next/static/chunks/	10 KB 4 KB	346ms 345ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/988-0fa2255148903607.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00e43065012ad92dc8246a374fa6154615ca4262697a3992f973b3be3fed771f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMDRT1XP0N8GCH4C97Q6 date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"d07af9195e2dac6d51a498df2b6861f9-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa41905-FRA
GET H2	200	index-145aa40df574db7f.js Show response sweepstakes.workmoney.org/_next/static/chunks/pages/	2 KB 730 B	330ms 329ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/chunks/pages/index-145aa40df574db7f.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0587171ca0780870553dde88e8ec04fc7e7b25bb2c9c27163912f3e36a1f99aa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMD0NP1Q0WPWNRFYSVJB date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"09dec14bc8b754090436b0e5d02299ef-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa61905-FRA
GET H2	200	_buildManifest.js Show response sweepstakes.workmoney.org/_next/static/eB1odCquGDRhjCsgHjd2M/	491 B 395 B	232ms 231ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/eB1odCquGDRhjCsgHjd2M/_buildManifest.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 994c8f3f05fd1fe3e2164a4fca70bb70d573ef3ca2b6ac0bd4172221afb34d7f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMA0HRMYWWPR8G6BVPSF date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"dd41c117357c6f60b662d1101512f1ce-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfa91905-FRA
GET H2	200	_ssgManifest.js Show response sweepstakes.workmoney.org/_next/static/eB1odCquGDRhjCsgHjd2M/	94 B 229 B	69ms 68ms	Script application/javascript	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/_next/static/eB1odCquGDRhjCsgHjd2M/_ssgManifest.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b09cd39250d527da92fa394249f2774644f9ebf0152a35068ddc4aedef446f3c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMABDY63YATECF9Q5SGY date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; hit etag W/"39ad108a7be1067c84bfa013d2f62a69-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfac1905-FRA
GET H2	200	logo.svg sweepstakes.workmoney.org/images/	8 KB 4 KB	172ms 171ms	Image image/svg+xml	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sweepstakes.workmoney.org/images/logo.svg Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fabdf294f66cf630f62e0dcc1dd65d270cc6918ce505ec966e1fe860fe03c87b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMA3GV4S88KBE31BPHT8 date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"18bceb802a7eb671f71b490e5cf60d42-ssl-df" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=0,must-revalidate cf-ray 89efe821dfad1905-FRA
GET H2	200	facebook.svg sweepstakes.workmoney.org/images/	653 B 486 B	258ms 257ms	Image image/svg+xml	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sweepstakes.workmoney.org/images/facebook.svg Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50596ac4342f310c8c5534bb2c4a6702888fb1378290db697ce11a4919dff2df Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMCZTFCFB60GY5346N5X date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"82cf62ded1a04adb228312be81d7c763-ssl" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=0,must-revalidate cf-ray 89efe821ffc01905-FRA
GET H2	200	instagram.svg sweepstakes.workmoney.org/images/	3 KB 1 KB	341ms 340ms	Image image/svg+xml	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sweepstakes.workmoney.org/images/instagram.svg Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3020511cecb8978cb5334d68c09bf215d85ccdefac1409397b0c3ef863bfcbab Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CMDR67R4FCQ1PV55R9E2 date Sat, 06 Jul 2024 13:22:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"cb9544e0554385ad63e91c8f8c7a3464-ssl-df" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=0,must-revalidate cf-ray 89efe821ffc11905-FRA
GET H2	200	css2 fonts.googleapis.com/	2 KB 851 B	77ms 27ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/_next/static/css/b41d3718263e1549.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51f5b1e8bf23c87b2ab7d5a8de0205944338068a34b06c1c74a79930e26f18a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sat, 06 Jul 2024 13:22:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 06 Jul 2024 11:33:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Jul 2024 13:22:59 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	70ms 23ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 18:57:16 GMT x-content-type-options nosniff age 152743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 18:57:16 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	73ms 26ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 16:21:03 GMT x-content-type-options nosniff age 162116 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 16:21:03 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	68ms 21ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 03:04:16 GMT x-content-type-options nosniff age 209923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8000 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 03:04:16 GMT
GET H2	200	klaviyo.js Show response static.klaviyo.com/onsite/js/	2 KB 1 KB	105ms 29ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 8b98ef015a30543c6ca1619af1c0d820a2b3ffea49ff924d34114762436e3c8d Security Headers Name Value Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/ Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/ content-encoding br via 1.1 varnish, 1.1 varnish date Sat, 06 Jul 2024 13:23:00 GMT age 47898 x-cache HIT, HIT content-length 813 x-served-by cache-lga21954-LGA, cache-fra-etou8220073-FRA server nginx x-timer S1720272180.017074,VS0,VE1 etag "44aa8e25b48b7b99d8fe0e71b7c08521" allow GET, OPTIONS access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * content-language en-us cache-control max-age=1, stale-while-revalidate=10800 access-control-allow-credentials true content-type application/javascript vary Accept-Encoding accept-ranges bytes access-control-allow-headers x-cache-hits 66, 0
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	70ms 20ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/_next/static/chunks/main-202733b50b7a281d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:22:59 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1676751 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-fra-etou8220139-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720272180.980736,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 17, 780234
GET H2	200	gtm.js Show response www.googletagmanager.com/	505 KB 135 KB	106ms 60ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e224157f35ebfb4eeb9b32c013d2313832d04f813b34cb4f03e28ef6c6a0a180 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138224 x-xss-protection 0 last-modified Sat, 06 Jul 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 06 Jul 2024 13:23:00 GMT
GET H2	200	fender_analytics.f692ee00c71150d7db91.js Show response static-tracking.klaviyo.com/onsite/js/	31 KB 13 KB	105ms 30ms	Script application/javascript	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ content-encoding br via 1.1 varnish, 1.1 varnish date Sat, 06 Jul 2024 13:23:00 GMT x-amz-request-id 41Y2RTP149KA3F25 age 47898 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 12748 x-amz-id-2 mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw= x-served-by cache-lga21947-LGA, cache-fra-etou8220140-FRA last-modified Thu, 11 Apr 2024 15:48:20 GMT server AmazonS3 etag "cb6418619f08d5e582cf68f2d2432438" vary Accept-Encoding x-amz-meta-entrypoints-hash f762585ddd3a013913c4e420e75aa2819d1084f2 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 10, 14526
GET H2	200	static.500134348b1f0969ffe3.js Show response static-tracking.klaviyo.com/onsite/js/	2 KB 2 KB	104ms 30ms	Script application/javascript	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi via 1.1 varnish, 1.1 varnish content-encoding br date Sat, 06 Jul 2024 13:23:00 GMT x-amz-request-id F82JVRQFRQE0D0ND age 47898 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 1029 x-amz-id-2 XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S x-served-by cache-lga21976-LGA, cache-fra-etou8220140-FRA last-modified Wed, 27 Mar 2024 10:30:34 GMT server AmazonS3 etag "64de10774c3382fe4adddab07ea17f0d" vary Accept-Encoding x-amz-meta-entrypoints-hash 2825b63e6933b08d1be25eea4d99ad73625b8faa content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 3169, 14779
GET H2	200	runtime.30e5687eaeaa954c2570.js Show response static.klaviyo.com/onsite/js/	20 KB 8 KB	106ms 39ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/runtime.30e5687eaeaa954c2570.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a634e87ad0f9207b0303dda3940072f69f9bf3a064dad7200df99d06057c142a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id ISKqjFmD0Eb989D62DjrUxAsDdurOz.f content-encoding br via 1.1 varnish, 1.1 varnish date Sat, 06 Jul 2024 13:23:00 GMT x-amz-request-id PVW2E9WX6PS2FWDS age 47898 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 7701 x-amz-id-2 JT1WFn2w4+GFxgFoQwMyjLgveSHN4+XThuS4HVS6ChX0ByuS++Zk4i2aCVReDXOmuRLo7AgQ4JE= x-served-by cache-lga21981-LGA, cache-fra-etou8220159-FRA last-modified Fri, 05 Jul 2024 19:07:48 GMT server AmazonS3 etag "a2a4d223b8293a91e5c19cca88fc09db" vary Accept-Encoding x-amz-meta-entrypoints-hash 67abca9c10c76527f105265634a9985f7cdc288a content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 38, 16916
GET H2	200	sharedUtils.58c71a5d906c1c27c8e6.js Show response static.klaviyo.com/onsite/js/	48 KB 18 KB	99ms 33ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Origin https://sweepstakes.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz content-encoding br via 1.1 varnish, 1.1 varnish date Sat, 06 Jul 2024 13:23:00 GMT x-amz-request-id FY7ATG7XXCNQ66H2 age 47898 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 17916 x-amz-id-2 dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU= x-served-by cache-lga21941-LGA, cache-fra-etou8220159-FRA last-modified Thu, 27 Jun 2024 09:36:48 GMT server AmazonS3 etag "6cc01be3baf017cfa85878bcac0f9e8f" vary Accept-Encoding x-amz-meta-entrypoints-hash 912e2bb7dd18552828727b3c1954397389e047e7 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 425464, 15799
GET H2	200	js Show response www.googletagmanager.com/gtag/	344 KB 109 KB	54ms 53ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 28dcbc4e79cd0888a6f0806c0a300a477b5480a93bca3a3ffc8e2b65ac73b793 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 111076 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 06 Jul 2024 13:23:00 GMT
GET H2	200	/ Show response geolocation-db.com/json/	146 B 257 B	89ms 42ms	XHR text/html	159.89.102.253 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geolocation-db.com/json/ Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 085bdd540553d5b6478e8f7f151cde40a6e3886b73df9a6924b3a872d51bf743 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) content-type text/html; charset=UTF-8
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	222 KB 59 KB	67ms 21ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58293 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug irWbPNY/8bLp7H7gb0w3UYT7K754nix4C8FKzgn52rcOVzZ9kouVozewAp9HJCqUCW6dq3lH6WHfcyOao61FPA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1301021/	70 KB 22 KB	197ms 131ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d850b3a2462bf95fbdb0a4d2ede4ee4f7244028670dff0b62c5b65091b82b851 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 4PnB5VkKSIlWvCljaPaPuIukcbsRDhQn content-encoding gzip via 1.1 varnish date Sat, 06 Jul 2024 13:23:00 GMT x-amz-request-id N977SRPM5YM21K8Q age 0 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status COMPLETED content-length 21715 x-amz-id-2 gOqaTJidfC0cLwm+ldXB+8/PhdlREZPWITsfwOROnzq4DQuFYRM1/0eLhBJ9vEiD6TGlz2Pbqic= x-served-by cache-fra-etou8220026-FRA last-modified Sun, 30 Jun 2024 11:26:10 GMT server AmazonS3 x-timer S1720272180.203202,VS0,VE101 etag "0d46c651139a9bf21ba577bc2fe57f88" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 33 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 0
GET		scevent.min.js sc-static.net/	0 0
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	125ms 45ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sat, 06 Jul 2024 13:22:59 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BA20CBB3349F48F3A53986086846E7CF Ref B: FRAEDGE1513 Ref C: 2024-07-06T13:23:00Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	77ms 19ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 20 Jun 2024 19:23:03 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "71b328aff914ada8b774bfa8fff542c4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12116
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	38 KB 14 KB	135ms 43ms	Script application/javascript	2a02:26f0:3500:10::210:a9a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Jun 2024 16:46:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=34738 accept-ranges bytes content-length 14004
GET H2	200	destination Show response www.googletagmanager.com/gtag/	216 KB 78 KB	55ms 55ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-13560696&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 81da8c7df1e9475ecafdd8e580c2e271d06163a077fa24fc7fd92ff81ac4da2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79314 x-xss-protection 0 last-modified Sat, 06 Jul 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 06 Jul 2024 13:23:00 GMT
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_p9hxq0oa/	3 B 124 B	102ms 34ms	XHR application/json	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_p9hxq0oa/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_p9hxq0oa_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	72ms 32ms	XHR application/json	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_p9hxq0oa_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	98ms 30ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1720272180205&id=t2_p9hxq0oa&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8e119823-9be6-4077-a546-d0aafcb6923b&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc= Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	activityi;dc_pre=CJre6qHBkocDFdsu-QAdXuUMtw;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=52549561... 13560696.fls.doubleclick.net/ Frame CC73 Redirect Chain https://13560696.fls.doubleclick.net/activityi;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=52549... https://13560696.fls.doubleclick.net/activityi;dc_pre=CJre6qHBkocDFdsu-QAdXuUMtw;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstake...	0 0	273ms 272ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://13560696.fls.doubleclick.net/activityi;dc_pre=CJre6qHBkocDFdsu-QAdXuUMtw;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsweepstakes.workmoney.org%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-13560696&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://sweepstakes.workmoney.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 427 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 06 Jul 2024 13:23:00 GMT expires Sat, 06 Jul 2024 13:23:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 06 Jul 2024 13:23:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://13560696.fls.doubleclick.net/activityi;dc_pre=CJre6qHBkocDFdsu-QAdXuUMtw;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsweepstakes.workmoney.org%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activity;register_conversion=1;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab... ad.doubleclick.net/	0 23 B	214ms 172ms	Image image/png	142.250.74.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;register_conversion=1;src=13560696;type=pavev0;cat=workm0;ord=9742577976167;npa=1;auiddc=1733922527.1720272180;u1=https%3A%2F%2Fsweepstakes.workmoney.org%2F;ps=1;pcor=525495613;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsweepstakes.workmoney.org%2F? Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 06 Jul 2024 13:23:00 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"6335517360375441570"}],"aggregatable_trigger_data":[{"filters":[{"14":["16194362"]}],"key_piece":"0x20a1cf80fb3b8a3f","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xa4d60d50956e8671","not_filters":{"14":["16194362"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5944747647317164432","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6335517360375441570","filters":[{"14":["16194362"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6335517360375441570","filters":[{"14":["16194362"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6335517360375441570","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6335517360375441570","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13560696"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 0	81ms 27ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-NSRYKVYF8Z&gtm=45je4730v877626850z8831084863za200zb831084863&_p=1720272179924&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=137431244.1720272180&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&dr=&dp=%2F&dt=Welcome%20To%20WorkMoney&sid=1720272180&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=&tfd=1392&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 06 Jul 2024 13:23:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://sweepstakes.workmoney.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 261 B	88ms 28ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NSRYKVYF8Z&cid=137431244.1720272180&gtm=45je4730v877626850z8831084863za200zb831084863&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 06 Jul 2024 13:23:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://sweepstakes.workmoney.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	78ms 47ms	Image image/gif	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NSRYKVYF8Z&cid=137431244.1720272180&gtm=45je4730v877626850z8831084863za200zb831084863&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=78836414 Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 06 Jul 2024 13:23:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	996986220718083 Show response connect.facebook.net/signals/config/	61 KB 13 KB	174ms 173ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/996986220718083?v=2.9.160&r=stable&domain=sweepstakes.workmoney.org&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 61bb0f4dfcd6a6eb6d761ef0d7c82784362bbff4f07060aa4860de7a84a2a788 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=24, rtx=0, c=65, mss=1297, tbw=63834, tp=-1, tpl=-1, uplat=153, ullat=1 pragma public x-fb-debug jzUBWQn3GBUllY/lbfjkopVGnsTnclPAxkoG+ISK9uT7GPdlTPunNca0uaZVaHA88WojN7saS0y6C1pOiU1hJg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 625 B	266ms 205ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://sweepstakes.workmoney.org/ sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: C2EF8A26F5A84958BD97E7AB707D0209 Ref B: FRAEDGE1714 Ref C: 2024-07-06T13:23:00Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://sweepstakes.workmoney.org x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYclBQ7d9tJLJPVqA6ZeA==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 814 B	236ms 172ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:22:59 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: CAE3553A00634E6EBB18B6565D0438EA Ref B: FRAEDGE1409 Ref C: 2024-07-06T13:23:00Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYclBQ7SW00bNSaNjK6Bw== x-fs-uuid 00061c94143b496d346cd49a3632ba07
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJylP8raVrYfAAAAZCINlTDuWRVpWFKw-0-JabVJRYBOc_WVAkFf_3...	0 265 B	226ms 149ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJylP8raVrYfAAAAZCINlTDuWRVpWFKw-0-JabVJRYBOc_WVAkFf_3kTf7rsTm5ZRt80k0n263Ypw Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://sweepstakes.workmoney.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 06 Jul 2024 13:23:00 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6EB1B7B0BB224D0398BAC089CB32EF65 Ref B: FRAEDGE1509 Ref C: 2024-07-06T13:23:00Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYclBQ+UdkAevzWV3wkNQ== Redirect headers date Sat, 06 Jul 2024 13:23:00 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 2C3E3B674AC4478E93A01E56BD72502E Ref B: FRAEDGE1714 Ref C: 2024-07-06T13:23:00Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720272180293&url=https%3A%2F%2Fsweepstakes.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJylP8raVrYfAAAAZCINlTDuWRVpWFKw-0-JabVJRYBOc_WVAkFf_3kTf7rsTm5ZRt80k0n263Ypw x-li-proto http/2 content-length 0 x-li-uuid AAYclBQ6/CxjsgareiEUJA==
GET H2	200	148004749.js Show response bat.bing.com/p/action/	4 KB 2 KB	44ms 44ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/148004749.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cc4ceb3c553d6382e138885937e9148df21fe4f468e00047dfcf723db8f2bfec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Sat, 06 Jul 2024 13:22:59 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A741111CD745445F9EF2C9F441A9E76E Ref B: FRAEDGE1513 Ref C: 2024-07-06T13:23:00Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 285 B	60ms 60ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=148004749&tm=gtm002&Ver=2&mid=7b53bce7-afad-424b-bc95-de5383572c00&sid=ddbd9fd03b9a11ef907e0587adceb92a&vid=ddbd94503b9a11efbb9001b5a77c84e3&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Welcome%20To%20WorkMoney&p=https%3A%2F%2Fsweepstakes.workmoney.org%2F&r=&lt=1046&evt=pageLoad&sv=1&rn=913146 Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 06 Jul 2024 13:22:59 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A815C4E0F7E5431C9E33A7802657910E Ref B: FRAEDGE1513 Ref C: 2024-07-06T13:23:00Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	topics_api Show response psb.taboola.com/	65 B 284 B	92ms 29ms	Fetch text/html	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://psb.taboola.com/topics_api Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-fra-etou8220141-FRA date Sat, 06 Jul 2024 13:23:00 GMT via 1.1 varnish server Varnish observe-browsing-topics ?1 x-timer S1720272180.403028,VS0,VE0 x-cache HIT content-type text/html; charset=utf-8 access-control-allow-origin * cache-control private, max-age=2592000 accept-ranges bytes content-length 65 retry-after 0 x-cache-hits 0
GET H2	200	json Show response trc.taboola.com/1301021/trc/3/	2 KB 2 KB	55ms 48ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1301021/trc/3/json?tim=1720272180332&data=%7B%22id%22%3A839%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1720272180323%2C%22cv%22%3A%2220240626-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsweepstakes.workmoney.org%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzeevgoichman-workmoney-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1720272180331%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsweepstakes.workmoney.org%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 194f70fa3811b9a55ddc812aa294549b1db9a902a70c9259810cf0890add5d5a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-vcl-time-ms 20 date Sat, 06 Jul 2024 13:23:00 GMT content-encoding gzip via 1.1 varnish cpu 0.16799999999999998 x-fastly-to-nlb-rtt 7345 x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-etou8220026-FRA x-log-content-encoding gzip server nginx x-timer S1720272180.357174,VS0,VE20 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	148004749 Show response www.clarity.ms/tag/uet/	816 B 1 KB	213ms 114ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/148004749 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/148004749.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 227e2f6ec08fd418bf26c45f8252fdf64edc58ad58227bd554a5b6c779f9399f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Sat, 06 Jul 2024 13:23:00 GMT x-azure-ref 20240706T132300Z-17cf9458cfb8hvx611wxqra2rw00000003ag00000001qa2p x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 816 request-context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
GET H2	200	/ www.facebook.com/tr/	0 274 B	79ms 25ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180459&cd[dataSource]=EX&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&eid=1720272868938_17202731374222&rqm=GET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2912, tp=-1, tpl=-1, uplat=1, ullat=1 strict-transport-security max-age=31536000; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	259ms 206ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180459&cd[dataSource]=EX&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&eid=1720272868938_17202731374222&rqm=FGET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2f00e06c0aabf441","source_keys":["1","2"]},{"key_piece":"0x45aa0a2c2c10b389","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 06 Jul 2024 13:23:00 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388512754406922524", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=21, mss=1297, tbw=6803, tp=-1, tpl=-1, uplat=182, ullat=0 pragma no-cache x-fb-debug WvC0G2D861RKax2fFL0tGWNLy759PqvrhGMBhzTdOmmxz4i97Io+78AeV3hRB4Hcw25ZojQh5YQ7zZgoZPqLkw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388512754406922524"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 32 B	79ms 25ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180460&cd[%24country]=DE&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=3199, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	258ms 204ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180460&cd[%24country]=DE&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 06 Jul 2024 13:23:00 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388512754888679186", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=21, mss=1297, tbw=3603, tp=-1, tpl=-1, uplat=179, ullat=0 pragma no-cache x-fb-debug 9pGD+kaxhjmPe7VN6ypkz0xMQ8CJahJ0pckFT43k8C6i65ClDZZeM1/DgEfS/NuOyac7LGaD9wPVqZCCFG/0Cw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388512754888679186"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 103 B	78ms 25ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180461&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=3199, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1018 B	519ms 466ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180461&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 06 Jul 2024 13:23:00 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388512755218847311", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=26, rtx=0, c=21, mss=1297, tbw=9083, tp=-1, tpl=-1, uplat=442, ullat=1 pragma no-cache x-fb-debug aGfxdF9gTUOLCoo6p8bbSjsVCSEy9G6YjE/HQQbbtkghHjKRvL97OQmQDLMJkBrczAuxIoCFk5VtmW0/7rTVdg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388512755218847311"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 102 B	25ms 25ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180461&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=3&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=3457, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 06 Jul 2024 13:23:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1020 B	197ms 197ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Fsweepstakes.workmoney.org%2F&rl=&if=false&ts=1720272180461&sw=1600&sh=1200&ud[uid]=_lya5n1cjsvs8o7bad&v=2.9.160&r=stable&ec=3&o=4126&fbp=fb.1.1720272180458.382421376226674546&ler=empty&cdl=API_unavailable&it=1720272180270&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: sweepstakes.workmoney.org URL: https://sweepstakes.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 06 Jul 2024 13:23:00 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388512755464592603", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=21, mss=1297, tbw=8041, tp=-1, tpl=-1, uplat=178, ullat=0 pragma no-cache x-fb-debug np6Q33aDlj1H9sOX49NQ6RHPPA7AW49jhPgfd9jFlRZfhEM4JG0ibfsSDFtjHFHoY4NAYLni1QCCyoHLnyHlNA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388512755464592603"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	49ms 48ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/148004749 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 13:23:00 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240706T132300Z-17cf9458cfb8hvx611wxqra2rw00000003ag00000001qa33 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id dddcbc75-801e-0015-19e4-cd3968000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 289 B	378ms 127ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://sweepstakes.workmoney.org Date Sat, 06 Jul 2024 13:23:01 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
OPTIONS H2	200	unip trc-events.taboola.com/1301021/log/3/ Frame	0 0	145ms 38ms	Preflight	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1720272180325&ver=36&isls=true&src=i&invt=1500&msa=70&rv=1&tim=1720272181882&vi=1720272180323&ri=a2a642399258f35e21f6dcf66c9c253e&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fsweepstakes.workmoney.org%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://sweepstakes.workmoney.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://sweepstakes.workmoney.org allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Sat, 06 Jul 2024 13:23:02 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx
GET H2	204	unip Show response trc-events.taboola.com/1301021/log/3/	0 254 B	114ms 40ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1720272180325&ver=36&isls=true&src=i&invt=1500&msa=70&rv=1&tim=1720272181882&vi=1720272180323&ri=a2a642399258f35e21f6dcf66c9c253e&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fsweepstakes.workmoney.org%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Attribution-Reporting-Eligible trigger Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://sweepstakes.workmoney.org pragma no-cache date Sat, 06 Jul 2024 13:23:02 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 289 B	118ms 118ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://sweepstakes.workmoney.org Date Sat, 06 Jul 2024 13:23:02 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&RedC=c.clarity.ms&MXFR=2A1F397D4380627632C02DC947806C1D https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&MUID=231769E9F57963AA200D7D5DF41262F3	42 B 442 B	54ms 54ms	Image image/gif	13.74.129.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&MUID=231769E9F57963AA200D7D5DF41262F3 Protocol H2 Server 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://sweepstakes.workmoney.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jul 2024 13:23:03 GMT last-modified Tue, 25 Jun 2024 19:30:12 GMT server Microsoft-IIS/10.0 etag "7473f1936c7da1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Sat, 06 Jul 2024 13:23:03 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: DB1BA2F20A7B4BC7B266F57F6F3BCA2D Ref B: FRAEDGE1513 Ref C: 2024-07-06T13:23:04Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74F4F09249C14EF4960D095AF43F0C78&MUID=231769E9F57963AA200D7D5DF41262F3 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	favicon.ico sweepstakes.workmoney.org/images/	1 KB 1 KB	180ms 180ms	Other image/vnd.microsoft.icon	2606:4700:10::ac43:1e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sweepstakes.workmoney.org/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fddba9d9e2269a901d54bb50ae984d93477e5c72bf522601ddb2896ab3334962 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sweepstakes.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J243CS0NM1QRY7JDXMA9ZE3F date Sat, 06 Jul 2024 13:23:04 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"73a4e460bb2eb3213a8ec4cdcb3a2e5d-ssl" vary Accept-Encoding content-type image/vnd.microsoft.icon cache-control public,max-age=0,must-revalidate cf-ray 89efe83ffe6c1905-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sc-static.net

URL

https://sc-static.net/scevent.min.js