ocsp.starfieldtech.com/
192.124.249.23 2.1 kB IP 192.124.249.23:0
Hash 26a88dda8fe8463fefa5854a1871ab3f
6d6f1d7be884bfa638982395753a38c36f82648f
37c061314e81aab0e31acadda08ce3b9113a216a1f0da1f8fff2a47449c21e1d
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 26 Nov 2023 20:05:00 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 26 Nov 2023 07:30:02 GMT
Expires: Mon, 27 Nov 2023 07:30:02 GMT
ETag: "6d6f1d7be884bfa638982395753a38c36f82648f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.sprkcvr.com/2H9TBTBD7/2LMZLS6/
35.186.247.135302 Found 230 B URL User Request GET HTTP/2 www.sprkcvr.com/2H9TBTBD7/2LMZLS6/
IP 35.186.247.135:443
Certificate IssuerStarfield Technologies, Inc.
Subjectsprkcvr.com
Fingerprint9B:7C:C4:E0:8B:E1:BE:9A:87:D8:65:02:CC:93:7E:43:63:6C:3C:52
ValiditySun, 12 Feb 2023 19:04:25 GMT - Fri, 15 Mar 2024 19:04:25 GMT
File type HTML document, ASCII text
Hash fcc57c5131f1409cc8a70492fdef520f
75f2646b946ce4dbc1fff486157668c2f7093458
b761abd49ee04516a765e13fb42d75bf73adc45d2e24cbc99c8ca5b96ec25681
GET /2H9TBTBD7/2LMZLS6/ HTTP/1.1
Host: www.sprkcvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sun, 26 Nov 2023 20:05:00 GMT
content-type: text/html; charset=utf-8
content-length: 230
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://www.sprkcvr.com/2H9TBTBD7/2N1GGNK/?__rpt=0&__po=921&__ptid=0746d68f7b7f4e6db5ce7dfc18308d7b&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=3
set-cookie: uniqueClick_2LMZLS6=61378def-3f29-4890-b4b7-c6f0294c073f:1701029100; Path=/; Expires=Tue, 26 Dec 2023 20:05:00 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: c4f7f103-9a6d-4994-9fff-84143ec52ca7
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.sprkcvr.com/2H9TBTBD7/2N1GGNK/?__rpt=0&__po=921&__ptid=0746d68f7b7f4e6db5ce7dfc18308d7b&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=3
35.186.247.135302 Found 367 B URL User Request GET HTTP/2 www.sprkcvr.com/2H9TBTBD7/2N1GGNK/?__rpt=0&__po=921&__ptid=0746d68f7b7f4e6db5ce7dfc18308d7b&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=3
IP 35.186.247.135:443
Certificate IssuerStarfield Technologies, Inc.
Subjectsprkcvr.com
Fingerprint9B:7C:C4:E0:8B:E1:BE:9A:87:D8:65:02:CC:93:7E:43:63:6C:3C:52
ValiditySun, 12 Feb 2023 19:04:25 GMT - Fri, 15 Mar 2024 19:04:25 GMT
File type HTML document, ASCII text, with very long lines (365)
Hash 91045106d51a895df43560fbf2a5d0c5
4742914e0035798679e70d57f6f3009ed2895668
23c24ece533fe20b2859e2ca4b6f6c8b9b9c82306247998a98c62340729bcca5
GET /2H9TBTBD7/2N1GGNK/?__rpt=0&__po=921&__ptid=0746d68f7b7f4e6db5ce7dfc18308d7b&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=3 HTTP/1.1
Host: www.sprkcvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: uniqueClick_2LMZLS6=61378def-3f29-4890-b4b7-c6f0294c073f:1701029100
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 26 Nov 2023 20:05:00 GMT
content-type: text/html; charset=utf-8
content-length: 367
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://www.sweepswinner.com/Lander.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
set-cookie: uniqueClick_2N1GGNK=1d26c277-6f24-4ef3-9c42-8d8ff004b3da:1701029100; Path=/; Expires=Mon, 27 Nov 2023 20:05:00 GMT; Secure; SameSite=None
transaction_id=f8424a00fad1482aaea5550de6fd5f41; Path=/; Expires=Sat, 24 Feb 2024 20:05:00 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 4fbd6a51-a434-48ec-a8f8-ff2048f0ff06
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24 2.1 kB IP 192.124.249.24:0
Hash 26a88dda8fe8463fefa5854a1871ab3f
6d6f1d7be884bfa638982395753a38c36f82648f
37c061314e81aab0e31acadda08ce3b9113a216a1f0da1f8fff2a47449c21e1d
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 26 Nov 2023 20:05:00 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 26 Nov 2023 07:30:02 GMT
Expires: Mon, 27 Nov 2023 07:30:02 GMT
ETag: "6d6f1d7be884bfa638982395753a38c36f82648f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.sweepswinner.com/Lander.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
13.82.93.245301 Moved Permanently 428 B URL User Request GET HTTP/2 www.sweepswinner.com/Lander.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (356), with CRLF line terminators
Hash 3ce79307ea0aeb0b998afcab396d8179
e051419778d55bb03906b0b30aaebbba1c94e762
733082e04f528e8c1755be8cfb27989d9ed7936f0c7a4bc95b571234250092f2
GET /Lander.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear= HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:00 GMT
server: Microsoft-IIS/10.0
location: /Lander?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
set-cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36;Path=/;HttpOnly;Secure;Domain=www.sweepswinner.com
ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.sweepswinner.com
content-length: 428
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Lander?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
13.82.93.245302 Found 456 B URL User Request GET HTTP/2 www.sweepswinner.com/Lander?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384), with CRLF line terminators
Hash 5366cdbc77dc3bf3db3338105241a3e2
771d4af423a7c6b4350d5d300ca984cd24abddb6
9d43bc3042a96273a95034c681c8553632568db6fa22a7fd8bf2e98aec438176
GET /Lander?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear= HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:00 GMT
server: Microsoft-IIS/10.0
access-control-expose-headers: Request-Context
cache-control: private
location: /Sweepstakes/ApplyStepOneEmail.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
set-cookie: ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; path=/; HttpOnly; SameSite=Lax
content-length: 456
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:56af07da-1eda-4488-8386-8decf21ad8e3
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
13.82.93.245301 Moved Permanently 451 B URL User Request GET HTTP/2 www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379), with CRLF line terminators
Hash 3caf86af8d197584a6bd1a2659b60c13
dbbceec178470af8311fc576227a044738a36fc1
2a75274e7a61af987fd3513654cd26b3c27b4d63ef5ca70a61ef6f3095621a6a
GET /Sweepstakes/ApplyStepOneEmail.aspx?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear= HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:00 GMT
server: Microsoft-IIS/10.0
location: /Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
content-length: 451
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
13.82.93.245200 OK 16 kB URL User Request GET HTTP/2 www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10176), with CRLF, LF line terminators
Hash e8b1148af943cfe281c1b472fb15e783
792658873da70f82aaa8fb41b82445de42cd474b
7ad3a62c69bc72ede01f09b333054d898143a29fab5e6998d528f8ea62c7bf94
GET /Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear= HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
content-length: 15722
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:56af07da-1eda-4488-8386-8decf21ad8e3
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/js/foundation.min.js
104.17.24.14200 OK 24 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/js/foundation.min.js
IP 104.17.24.14:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32024)
Hash 7ed39eb42c8c450b59a24bab9cfa7fae
7fdd3fee90709f703fac533b6061864fcd7ec206
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
GET /ajax/libs/foundation/6.3.1/js/foundation.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 20:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 24181
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e64-1e276"
last-modified: Mon, 04 May 2020 16:10:12 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 235711
expires: Fri, 15 Nov 2024 20:05:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXv1MHMk2xwmMc68SSRuWw%2Bzx8BW4KYRG7qg6l00Ui4USKpPpdfPjv5XeunFWcmAIo93zrrpoymLe8God3cYlJaii1SHdXsvFr7s6waMbbK%2FRMm%2FmZev4RqAjJT6avjQI6TcQYEl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82c4be729931b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32025)
Hash 4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 20:05:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 307558
expires: Fri, 15 Nov 2024 20:05:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytDaeYFRDDTYMKYBp7gobaPtG2N4%2Fv1NMeB2nW373cILzqGOn%2FLBF%2FD3rYu8PAkbPfWnb8CZrmqPFSsisvdGV24%2FRA3YKGyMC1lK1%2Bbld%2FnHtI3ZsUh%2BiO5HnCKlABeEo4w1edav"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82c4be72a938b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.sweepswinner.com/Sweepstakes/css/user-styles.css
13.82.93.245200 OK 2.6 kB URL GET HTTP/2 www.sweepswinner.com/Sweepstakes/css/user-styles.css
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type ASCII text, with CRLF line terminators
Hash a6fd006a699a751cbd8d44427cb95a66
386fa8ae63b97d87ee2d865d93965b6b779ad850
36e0e0b8222e724d8dabe8d161374fef13632680f0d4ea34c547a53e54a321bc
GET /Sweepstakes/css/user-styles.css HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
vary: Accept-Encoding
content-length: 2637
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Web/Resources/Scripts/Azure/appinsights.js
13.82.93.245200 OK 2.2 kB URL GET HTTP/2 www.sweepswinner.com/Web/Resources/Scripts/Azure/appinsights.js
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (4078), with CRLF line terminators
Hash 1b368f5f40f56c3a7afd3a60c26fbbb6
04038c4c05867c7af2c0369baeb49e8d66025e39
2e5721c07a38d5f77f44a6383b05b29cdd4ab47f8abfcb61f44f938f4c5f05b3
GET /Web/Resources/Scripts/Azure/appinsights.js HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
vary: Accept-Encoding
content-length: 2240
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/WebResource.axd?d=QrKDZSYIEyrPfJPlfELKoezqtxWQU-pVPe_jdB4r5u9nYD66_HbOQjkw3tvtbI-bpjjEt3a2HJBE2KOIV7EqVc7DMoHkAv85LrJmgbGFgegoFNDeJ8PWSwjdSSpUJV5VQnbU-8IKweaTyrDIjcRtgcEDDnsRtyyVg6QT_e-1fAU1&t=638322022800000000
13.82.93.245200 OK 1.2 kB URL GET HTTP/2 www.sweepswinner.com/WebResource.axd?d=QrKDZSYIEyrPfJPlfELKoezqtxWQU-pVPe_jdB4r5u9nYD66_HbOQjkw3tvtbI-bpjjEt3a2HJBE2KOIV7EqVc7DMoHkAv85LrJmgbGFgegoFNDeJ8PWSwjdSSpUJV5VQnbU-8IKweaTyrDIjcRtgcEDDnsRtyyVg6QT_e-1fAU1&t=638322022800000000
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c4b141805fb8b6dad8229ebbfb3c34ac
04a3ce89232623c8d78c3a7b972888adad01b43c
51ac77987144b303044ba899381ec108fb1af3ffc814b05fbc28cc6262dc8fce
GET /WebResource.axd?d=QrKDZSYIEyrPfJPlfELKoezqtxWQU-pVPe_jdB4r5u9nYD66_HbOQjkw3tvtbI-bpjjEt3a2HJBE2KOIV7EqVc7DMoHkAv85LrJmgbGFgegoFNDeJ8PWSwjdSSpUJV5VQnbU-8IKweaTyrDIjcRtgcEDDnsRtyyVg6QT_e-1fAU1&t=638322022800000000 HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
cache-control: public
content-encoding: gzip
expires: Mon, 25 Nov 2024 19:17:08 GMT
last-modified: Fri, 06 Oct 2023 15:18:00 GMT
vary: Accept-Encoding
content-length: 1155
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-499133920
142.250.74.168200 OK 72 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-499133920
IP 142.250.74.168:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3026)
Hash 26d34f315519e17328d7e6fca243bf76
4890ea584d50a0837e89e37c6401dcc327ccdd65
49b3c60a911184df399e32d009c80a1a79d2554d79be43d93b5d591b4062dfd7
GET /gtag/js?id=AW-499133920 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 26 Nov 2023 20:05:02 GMT
expires: Sun, 26 Nov 2023 20:05:02 GMT
cache-control: private, max-age=900
last-modified: Sun, 26 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.sweepswinner.com/scripts/sparkjqv.parsley.hfields.core.1.4.min.js
13.82.93.245200 OK 47 kB URL GET HTTP/2 www.sweepswinner.com/scripts/sparkjqv.parsley.hfields.core.1.4.min.js
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34038), with CRLF line terminators
Hash 6b5c3952d5f523b783784cfd0b2d7a1b
9265cda576e56cab70cfc6ecd844d1843be64117
99089200f7478d52116ef18480f941904383d9c03b0da33998257e72d25e06f2
GET /scripts/sparkjqv.parsley.hfields.core.1.4.min.js HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
vary: Accept-Encoding
content-length: 47258
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Scripts/sparklib.core.1.1.js
13.82.93.245200 OK 44 kB URL GET HTTP/2 www.sweepswinner.com/Scripts/sparklib.core.1.1.js
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34038), with CRLF line terminators
Hash ee8f195e82a5ee3505a191946cabc1ad
b5cfafe2ee41b5282e37237885134e3aa712557a
e5d69d2bf3937307446cdaea2eac3df419ba7f7f0de889cd29b01974d61206fa
GET /Scripts/sparklib.core.1.1.js HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Sun, 26 Nov 2023 20:05:01 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
vary: Accept-Encoding
content-length: 44176
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/main-bg-small.png
13.107.246.53200 OK 67 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/main-bg-small.png
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type PNG image data, 320 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 10a23b2a43edc98b969e7056462bdc54
29b7022d0f220a08e7b8be08234a7fb3605dac8b
ea860ff9ca5e60d0f6ca6b8d400361861d7cbac444dd4e84c2d01cdf002d75ad
GET /Sweepstakes/img/main-bg-small.png HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 67115
content-type: image/png
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_REMOTE_HIT
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAAB5LYGIYY+NRr+vCmmlJNHWQU1TMDRFREdFMTgxMQAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAADSKh3PFSkTSahR5ui0jojWU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/headline-1000-large.png
13.107.246.53200 OK 88 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/headline-1000-large.png
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type PNG image data, 721 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash effe6d75ee23823c62bd2b71af0a1b3e
266b665ac9f176505b7fa5be1e86a73b7a6821e1
b1e7faf7a2570c388e51bb72462c943c59516c1a38dbc7686c0f2363dfa3433b
GET /Sweepstakes/img/headline-1000-large.png HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 87452
content-type: image/png
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_REMOTE_HIT
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAAB028qKoKyPSYJ0BARxsP7yQU1TMDRFREdFMTgxNgAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAABCBcpGyptPRYzdWSvM76IfU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/car.svg
13.107.246.53200 OK 2.4 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/car.svg
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with CRLF line terminators
Hash d62dbd385422ac60568c462a72f8f6a5
6de814a82998118410517b015a013e252c7d0fcb
985e44856672d41e287c2aea21b6a99c7e8b0ae08b023584a4cbe09f12355057
GET /Sweepstakes/img/car.svg HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 2384
content-type: image/svg+xml
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
vary: Accept-Encoding
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAACHOiBqEaSaSYWX0bijeRdKQU1TMDRFREdFMTgxOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAACRKM7BeSRPRpQUIM/OCkIoU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/css/animate.css
13.107.246.53200 OK 8.2 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/css/animate.css
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type ASCII text, with CRLF line terminators
Hash 1aaa8beecce19062646761f002462694
682ae6b92a88b8e1424f72070422772030f1030a
213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2
GET /Sweepstakes/css/animate.css HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 8179
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
vary: Accept-Encoding
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAAAKAJRszGSNSrkQOH+VV8hzQU1TMDRFREdFMTkxOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAACD3Z9di1eoT7yG8jpeDQabU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/arrow-top.png
13.107.246.53200 OK 2.7 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/arrow-top.png
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type PNG image data, 55 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f0a15ade6d231e346a166d5ae532d41
396f8d150fb040ca35b781690d3c06a9e26095da
5c4d4aec46f1c2999513a3d2e78d21145a95abf4f44fc6376cc91fea0c84d5eb
GET /Sweepstakes/img/arrow-top.png HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 2654
content-type: image/png
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAABmaY48IXwITZrzK3dR3wdXQU1TMDRFREdFMTkxMQAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAAB0wmVaWrecS7XAvm5dIUvqU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/shopping.svg
13.107.246.53200 OK 791 B URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/shopping.svg
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0a30a3c1fe26b378a1837aa5238ef9cd
1a41eb90bb74f8b9b92ac063892f59c70c224e2f
ca800c9cf34b86873d4fa5018ace562a8202e7c8a2d7ce23ed29bc3124867b5c
GET /Sweepstakes/img/shopping.svg HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 791
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAAAECOpw80ZmQrIvaQxdAF6DQU1TMDRFREdFMTkyMgAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAAB5+5raXU+4RKMzfsTY1MTsU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
www.proadprovider.net/Content/nitropopover.css
23.96.13.243200 OK 326 B URL GET HTTP/1.1 www.proadprovider.net/Content/nitropopover.css
IP 23.96.13.243:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectproadprovider.net
Fingerprint58:BD:BF:C7:94:DE:EA:F6:03:01:89:C3:D2:A8:C9:F7:70:64:22:66
ValidityTue, 08 Aug 2023 19:10:42 GMT - Sun, 08 Sep 2024 19:10:42 GMT
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash e3536e13dabc8db0943278cc26a4a4c6
0e7a285466dbc9f8f5c6a6c3ac60dc7cdfe38172
9da72ece743bdab25f8034aed8f57944cc8dcdaf0327ff95698e8c27840f09f5
GET /Content/nitropopover.css HTTP/1.1
Host: www.proadprovider.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 326
Content-Type: text/css
Date: Sun, 26 Nov 2023 20:05:02 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "3f92aad12732d71:0"
Last-Modified: Thu, 15 Apr 2021 18:47:43 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.proadprovider.net/Scripts/nitro-popoverscript.js
23.96.13.243200 OK 1.8 kB URL GET HTTP/1.1 www.proadprovider.net/Scripts/nitro-popoverscript.js
IP 23.96.13.243:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectproadprovider.net
Fingerprint58:BD:BF:C7:94:DE:EA:F6:03:01:89:C3:D2:A8:C9:F7:70:64:22:66
ValidityTue, 08 Aug 2023 19:10:42 GMT - Sun, 08 Sep 2024 19:10:42 GMT
File type Unicode text, UTF-8 (with BOM) text
Hash f40d8fdbc7437f1a0f0f6300b8b47c67
8568c9b88d5080236b5ca3dbb5ab4a1f4f88887d
32a447bab702bab2b8e92a81a5f05ceb9aaa77ff9364c634eb2de476435008c9
GET /Scripts/nitro-popoverscript.js HTTP/1.1
Host: www.proadprovider.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1848
Content-Type: application/x-javascript
Date: Sun, 26 Nov 2023 20:05:02 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "08d80c9e313da1:0"
Last-Modified: Fri, 10 Nov 2023 14:40:02 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
sweepswinner.azureedge.net/Sweepstakes/css/foundation.css
13.107.246.53200 OK 37 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/css/foundation.css
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type ASCII text, with very long lines (344), with CRLF line terminators
Hash 99a9a56395fbc06a4f47b1ba3bc90cfc
576f37a0882c6d1b17c1d4c3e870c80002caa4ff
a4d41008cd6fc3658830e3a1c785c5705b5ffde5fd3c6100463903b1e0113342
GET /Sweepstakes/css/foundation.css HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 36687
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
vary: Accept-Encoding
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAABOrgSmhOWjQqBbIrZp83cnQU1TMDRFREdFMTgwOQAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAADQsGxWAWUcQI+A1Srn2N9yU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 247387
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 247387
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 247387
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.sweepswinner.com/Sweepstakes/img/main-bg-large.jpg
13.82.93.245200 OK 140 kB URL GET HTTP/2 www.sweepswinner.com/Sweepstakes/img/main-bg-large.jpg
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2200x900, components 3\012- data
Size 140 kB (139804 bytes)
Hash f5c673c7674edc4041bbf7c1c59a496d
c062702d1f812c308c92936480e2491d9b0984c2
5bb285db3cc658bf789bfdceff6812232c6a255dad676835d4e22ecc1b7274c2
GET /Sweepstakes/img/main-bg-large.jpg HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/css/user-styles.css
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Sun, 26 Nov 2023 20:05:03 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
content-length: 139804
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/Scripts/ValidTopLevelDomains.json
13.82.93.245200 OK 4.5 kB URL GET HTTP/2 www.sweepswinner.com/Scripts/ValidTopLevelDomains.json
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash 299fe2a339c61b5c9a6f9890f45cfadd
1dbc5cf38f05381b61e5de908a71083960b5b609
623c807f69acfba94b996299c6dc4545775b826d9cb7d3cff9fc1bd27b979d9d
GET /Scripts/ValidTopLevelDomains.json HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 26 Nov 2023 20:05:03 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "084534f8aeda1:0"
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
vary: Accept-Encoding
content-length: 4465
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 247387
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=169568588&source=730762&campaign=948%7C&variable=anuraResponse&763525404364
3.8.68.32200 OK 24 kB URL GET HTTP/2 script.anura.io/request.js?instance=169568588&source=730762&campaign=948%7C&variable=anuraResponse&763525404364
IP 3.8.68.32:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (1912), with CRLF, LF line terminators
Hash 8c351fd3c2048c2a2c19d49dbdf8d6da
2164c16a53b375d7543da10be7a180bf6a995b31
cd938a1a6ef38d987ff2fcdf86a7f786e9e7e0002f51506fcab38861a289c6a4
GET /request.js?instance=169568588&source=730762&campaign=948%7C&variable=anuraResponse&763525404364 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 20:05:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
pushomnicdn.azureedge.net/jslibs/subscribe.js
13.107.246.53421 Misdirected Request 14 kB URL GET HTTP/2 pushomnicdn.azureedge.net/jslibs/subscribe.js
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 32d2e1d123b7606e9c6f47e1404b2c71
13a2f8a42f9fe2ebd33190a7151d5743f885845f
b86de00ff298d991a3524d282761feae33dcd226341809ace1102735d09f9ef3
GET /jslibs/subscribe.js HTTP/1.1
Host: pushomnicdn.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 421 Misdirected Request
x-azure-ref: 076RjZQAAAADJxDtGDLzyRrxz6kfjeSfAU1ZHMjBFREdFMDYwOABlODhhYmY1Yi1iYTFmLTQxMzctOTI3MC0wM2IwYjRjYzc2Zjg=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
docs.corepassage.com/JSLibraries/SparkJQValidation/sparkjqv.parsley.css
13.82.93.245200 OK 1.7 kB URL GET HTTP/2 docs.corepassage.com/JSLibraries/SparkJQValidation/sparkjqv.parsley.css
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectdocs.corepassage.com
FingerprintC6:98:EF:F5:DA:F4:A1:63:1D:BA:66:DA:10:36:17:99:B4:67:0A:C9
ValidityFri, 01 Sep 2023 15:51:08 GMT - Wed, 11 Sep 2024 21:34:01 GMT
File type ASCII text, with very long lines (6495), with CRLF line terminators
Hash 935f6f0f1a67c7529a1f096e1a89515a
9ea7b80895a494a4f7217a484199cbded5185722
fe50a3a30c09c5fa387429dab07630becb4a38254a3944271bd12a429a730601
GET /JSLibraries/SparkJQValidation/sparkjqv.parsley.css HTTP/1.1
Host: docs.corepassage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
date: Sun, 26 Nov 2023 20:05:04 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0cdfbe600da1:0"
last-modified: Mon, 16 Oct 2023 18:44:08 GMT
vary: Accept-Encoding
content-length: 1731
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
docs.corepassage.com/JSLibraries/OptOutOverlay/close.png
13.82.93.245200 OK 2.0 kB URL GET HTTP/2 docs.corepassage.com/JSLibraries/OptOutOverlay/close.png
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectdocs.corepassage.com
FingerprintC6:98:EF:F5:DA:F4:A1:63:1D:BA:66:DA:10:36:17:99:B4:67:0A:C9
ValidityFri, 01 Sep 2023 15:51:08 GMT - Wed, 11 Sep 2024 21:34:01 GMT
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 503423fe92f69111e7c5b64739a5074b
61cfbbc08de7e34c4a8ee5e5e8066de10a3c73af
2351d2386177b19ecbbfbffb30e3030d9cd3a9adf1eb30ba64eebd745490f723
GET /JSLibraries/OptOutOverlay/close.png HTTP/1.1
Host: docs.corepassage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Sun, 26 Nov 2023 20:05:04 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0cdfbe600da1:0"
last-modified: Mon, 16 Oct 2023 18:44:08 GMT
content-length: 1996
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
tracking.proadprovider.net/NitroChannels/GetDelayInMilliseconds?channelId=581&AffId=40078
23.96.13.243200 OK 746 B URL GET HTTP/1.1 tracking.proadprovider.net/NitroChannels/GetDelayInMilliseconds?channelId=581&AffId=40078
IP 23.96.13.243:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjecttracking.proadprovider.net
FingerprintB7:CB:76:CC:61:25:6B:5C:1C:20:3A:43:59:6F:64:5F:7E:6F:4C:9A
ValidityTue, 19 Sep 2023 13:32:31 GMT - Sun, 20 Oct 2024 13:32:31 GMT
File type JSON data\012- , ASCII text, with very long lines (992), with no line terminators
Hash 29a72b1aa318f2955ae8485e20abcfc2
25981cd86935a4c105e1e65312d2ddb29e51d1e2
c7aa79509b708c3b9978190d7daa81ba966f6c7102b0256ab252e49f7fe19a01
GET /NitroChannels/GetDelayInMilliseconds?channelId=581&AffId=40078 HTTP/1.1
Host: tracking.proadprovider.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 746
Content-Type: application/json; charset=utf-8
Date: Sun, 26 Nov 2023 20:05:03 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
docs.britebox.io/JSLibraries/SparkJQValidation/sparkjqv.parsley.css
104.214.64.238200 OK 1.7 kB URL GET HTTP/1.1 docs.britebox.io/JSLibraries/SparkJQValidation/sparkjqv.parsley.css
IP 104.214.64.238:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerDigiCert, Inc.
Subjectdocs.britebox.io
Fingerprint48:64:1D:68:06:E8:4E:61:5C:9B:86:A9:E2:06:37:09:1E:18:3D:31
ValidityTue, 12 Sep 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (6495), with CRLF line terminators
Hash 935f6f0f1a67c7529a1f096e1a89515a
9ea7b80895a494a4f7217a484199cbded5185722
fe50a3a30c09c5fa387429dab07630becb4a38254a3944271bd12a429a730601
GET /JSLibraries/SparkJQValidation/sparkjqv.parsley.css HTTP/1.1
Host: docs.britebox.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1731
Content-Type: text/css
Date: Sun, 26 Nov 2023 20:05:03 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0c194d660da1:0"
Last-Modified: Mon, 16 Oct 2023 19:23:54 GMT
Set-Cookie: ARRAffinity=fdc7d01ba77124143f2abb7a519902f451a3c5edf28da525b2ec8cdada4adeff;Path=/;HttpOnly;Secure;Domain=docs.britebox.io
ARRAffinitySameSite=fdc7d01ba77124143f2abb7a519902f451a3c5edf28da525b2ec8cdada4adeff;Path=/;HttpOnly;SameSite=None;Secure;Domain=docs.britebox.io
Vary: Accept-Encoding
X-Powered-By: ASP.NET
docs.britebox.io/JSLibraries/OptOutOverlay/close.png
104.214.64.238200 OK 2.0 kB URL GET HTTP/1.1 docs.britebox.io/JSLibraries/OptOutOverlay/close.png
IP 104.214.64.238:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerDigiCert, Inc.
Subjectdocs.britebox.io
Fingerprint48:64:1D:68:06:E8:4E:61:5C:9B:86:A9:E2:06:37:09:1E:18:3D:31
ValidityTue, 12 Sep 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 503423fe92f69111e7c5b64739a5074b
61cfbbc08de7e34c4a8ee5e5e8066de10a3c73af
2351d2386177b19ecbbfbffb30e3030d9cd3a9adf1eb30ba64eebd745490f723
GET /JSLibraries/OptOutOverlay/close.png HTTP/1.1
Host: docs.britebox.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1996
Content-Type: image/png
Date: Sun, 26 Nov 2023 20:05:04 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0c194d660da1:0"
Last-Modified: Mon, 16 Oct 2023 19:23:54 GMT
Set-Cookie: ARRAffinity=e14a5debb054a3136b33fe277a88e99465ec2208cf16c1533c882e47bbbf83fa;Path=/;HttpOnly;Secure;Domain=docs.britebox.io
ARRAffinitySameSite=e14a5debb054a3136b33fe277a88e99465ec2208cf16c1533c882e47bbbf83fa;Path=/;HttpOnly;SameSite=None;Secure;Domain=docs.britebox.io
X-Powered-By: ASP.NET
script.anura.io/response.json
3.8.68.32200 OK 71 B URL POST HTTP/2 script.anura.io/response.json
IP 3.8.68.32:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d8a41bde912953660d6ff8821080611a
c0d9fa5637ce0031349b8f1ec9450081ee73f091
f14baa4b11137f9db6eb6a21cb200403ea36078f8a2412f4c6f5057944fdf129
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5572
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Nov 2023 20:05:04 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sweepswinner.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Nov 2023 20:05:04 GMT
expires: Sun, 26 Nov 2023 20:05:04 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 880063352728115154
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.sweepswinner.com/AnuraAjaxHandler.aspx?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj
13.82.93.245301 Moved Permanently 284 B URL GET HTTP/2 www.sweepswinner.com/AnuraAjaxHandler.aspx?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a8114e7cf7e8a4976eb553fbcd7eea2e
66a2e78c0dd8d11b2af3541cbde520947df65d93
65780a9ba31f4e8de1dc983d8bc2202ba03f2f5e355e265f429e2a4975374abf
GET /AnuraAjaxHandler.aspx?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.9a0be90ced954ca0
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-9a0be90ced954ca0-01
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:04 GMT
server: Microsoft-IIS/10.0
location: /AnuraAjaxHandler?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj
content-length: 284
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
js.monitor.azure.com/scripts/b/ai.2.min.js
13.107.213.53200 OK 46 kB URL GET HTTP/2 js.monitor.azure.com/scripts/b/ai.2.min.js
IP 13.107.213.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subjectjs.monitor.azure.com
FingerprintFF:8C:AA:D5:CE:B8:1C:2B:92:4E:2E:4C:30:25:29:9E:54:57:FC:73
ValidityWed, 20 Sep 2023 05:47:48 GMT - Sat, 14 Sep 2024 05:47:48 GMT
File type ASCII text, with very long lines (65409)
Hash 393625d2cd565323f9ad9f264e6bdbc8
0587dfce0dca45b29b882c0a8219ab74f880073d
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
GET /scripts/b/ai.2.min.js HTTP/1.1
Host: js.monitor.azure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=1800, immutable, no-transform
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: OTYl0s1WUyP5rZ8mTmvbyA==
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
etag: 0x8DBB9F46341BD96
x-cache: TCP_HIT
x-ms-request-id: 2603eb78-701e-002d-7ea2-20d6a3000000
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js
x-ms-meta-aijssdkver: 2.8.16
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0HKJjZQAAAABKLmN/Xgr/Q7KseMe9EI8LQU1TMDRFREdFMTgxNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-azure-ref: 08KRjZQAAAABOAtfiott5RLHXk3D6LrfCU1ZHMjBFREdFMDYyMQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Sun, 26 Nov 2023 20:05:03 GMT
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
13.69.106.208200 OK 0 B URL OPTIONS HTTP/2 dc.services.visualstudio.com/v2/track
IP 13.69.106.208:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subjectin.applicationinsights.azure.com
FingerprintEE:5C:C0:84:76:A9:FF:E2:23:71:FD:C5:EE:89:1B:7D:37:67:36:DA
ValiditySat, 02 Sep 2023 07:21:44 GMT - Tue, 27 Aug 2024 07:21:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://www.sweepswinner.com/
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 20:05:04 GMT
content-length: 0
X-Firefox-Spdy: h2
www.sweepswinner.com/AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0
13.82.93.245301 Moved Permanently 167 B URL GET HTTP/2 www.sweepswinner.com/AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 17d3c8c743128d1af5609cc8defb5eb6
2449995a13211e3c1e95017bc017dcad235d3c70
78d27f84e32b514a7d514c57cd9c9afa2b7dfbd7e7921cf93d97a271285298e9
GET /AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0 HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.7cb1f914ed154171
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-7cb1f914ed154171-01
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:04 GMT
server: Microsoft-IIS/10.0
location: /AjaxHandler?ba=0&sw=1280&dw=1280&im=0
content-length: 167
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0
13.82.93.245301 Moved Permanently 167 B URL GET HTTP/2 www.sweepswinner.com/AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 17d3c8c743128d1af5609cc8defb5eb6
2449995a13211e3c1e95017bc017dcad235d3c70
78d27f84e32b514a7d514c57cd9c9afa2b7dfbd7e7921cf93d97a271285298e9
GET /AjaxHandler.aspx?ba=0&sw=1280&dw=1280&im=0 HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.312cc7e9bc944ab6
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-312cc7e9bc944ab6-01
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 20:05:04 GMT
server: Microsoft-IIS/10.0
location: /AjaxHandler?ba=0&sw=1280&dw=1280&im=0
content-length: 167
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
13.69.106.208200 OK 96 B URL OPTIONS HTTP/2 dc.services.visualstudio.com/v2/track
IP 13.69.106.208:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subjectin.applicationinsights.azure.com
FingerprintEE:5C:C0:84:76:A9:FF:E2:23:71:FD:C5:EE:89:1B:7D:37:67:36:DA
ValiditySat, 02 Sep 2023 07:21:44 GMT - Tue, 27 Aug 2024 07:21:44 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fda395fe001d581866e503737ad66cc9
bc46578758d4f69bc501a0e30bfd24a60486218b
0794112affa0c61e0374c7661ee8baedf56a9545c7eb2280d829b10b1361612c
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Sdk-Context: appId
Content-Length: 2883
Origin: https://www.sweepswinner.com
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-ms-session-id: 99B16486-F2F1-4948-A987-68545190AF06
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 20:05:04 GMT
content-length: 96
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/favicon.ico
13.107.213.53200 OK 2.3 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/favicon.ico
IP 13.107.213.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e6b1699a25708d2a91eddf35d808648
a243923e4e01ea18a85e60c7079efaa6c0766421
a70ea33d60733cca3890ab84ebe1e9f280d2430d07e0a72ae081e35b5a63b112
GET /Sweepstakes/favicon.ico HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 2336
content-type: image/x-icon
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 08KRjZQAAAAD667MetLKJTpmSZp/f8wywQU1TMDRFREdFMTgwOQAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 08KRjZQAAAAAFlVELpEsZSbDEyuyA6wimU1ZHMjBFREdFMDYyMQAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:04 GMT
X-Firefox-Spdy: h2
www.sweepswinner.com/AnuraAjaxHandler?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj
13.82.93.245200 OK 0 B URL GET HTTP/2 www.sweepswinner.com/AnuraAjaxHandler?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AnuraAjaxHandler?anuraid=2188674068.2dbbf8931c2ff6191d9c498e4b851a35&utid=347539821&tid=f8424a00-fad1-482a-aea5-550de6fd5f41&ssid=bvknvvaweqf351dgr5paacrj HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.9a0be90ced954ca0
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-9a0be90ced954ca0-01
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Sun, 26 Nov 2023 20:05:05 GMT
server: Microsoft-IIS/10.0
access-control-expose-headers: Request-Context
cache-control: private
content-length: 0
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:56af07da-1eda-4488-8386-8decf21ad8e3
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/AjaxHandler?ba=0&sw=1280&dw=1280&im=0
13.82.93.245200 OK 0 B URL GET HTTP/2 www.sweepswinner.com/AjaxHandler?ba=0&sw=1280&dw=1280&im=0
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AjaxHandler?ba=0&sw=1280&dw=1280&im=0 HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.312cc7e9bc944ab6
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-312cc7e9bc944ab6-01
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Sun, 26 Nov 2023 20:05:05 GMT
server: Microsoft-IIS/10.0
access-control-expose-headers: Request-Context
cache-control: private
content-length: 0
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:56af07da-1eda-4488-8386-8decf21ad8e3
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.sweepswinner.com/AjaxHandler?ba=0&sw=1280&dw=1280&im=0
13.82.93.245200 OK 0 B URL GET HTTP/2 www.sweepswinner.com/AjaxHandler?ba=0&sw=1280&dw=1280&im=0
IP 13.82.93.245:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoDaddy.com, Inc.
Subjectsweepswinner.com
Fingerprint00:F3:65:91:D3:30:47:31:07:B9:04:FC:D1:DC:BA:9E:A2:4D:05:7E
ValidityMon, 06 Nov 2023 23:07:39 GMT - Thu, 05 Dec 2024 21:18:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AjaxHandler?ba=0&sw=1280&dw=1280&im=0 HTTP/1.1
Host: www.sweepswinner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |0218600ac6a44346bbbc1461e28dd862.7cb1f914ed154171
traceparent: 00-0218600ac6a44346bbbc1461e28dd862-7cb1f914ed154171-01
Referer: https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ARRAffinitySameSite=c76f87737e6f0a9dc26d0c8905f376f2ceb924f816ea774e4a53c8bb1775ac36; ASP.NET_SessionId=bvknvvaweqf351dgr5paacrj; _gcl_au=1.1.1287988149.1701029107; ai_user=J7SvirqiqS6uXOXvpEBdVc|2023-11-26T20:05:07.632Z; ai_session=cpgB0kb+zhUDVMeCn+uy7O|1701029108183|1701029108183
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Sun, 26 Nov 2023 20:05:06 GMT
server: Microsoft-IIS/10.0
access-control-expose-headers: Request-Context
cache-control: private
content-length: 0
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:56af07da-1eda-4488-8386-8decf21ad8e3
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/sw-logo.svg
13.107.246.53200 OK 7.1 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/sw-logo.svg
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7400), with no line terminators
Hash 4c974ced14836ac84b42855810a16f1c
c618474fde672c110ed9e403e0976e41d4e392b8
cc7102e4d3eeeaf8355ea9ffa3ed623b25643e8d94e02aa1ab2dcf567cd9463d
GET /Sweepstakes/img/sw-logo.svg HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-encoding: br
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_MISS
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAABwEKUZMd6VQ7PqNG+7RZEBQU1TMDRFREdFMTgxMwAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAAAla6ngYATNRrtwPZzQDJyOU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
sweepswinner.azureedge.net/Sweepstakes/img/vacation.svg
13.107.246.53200 OK 2.7 kB URL GET HTTP/2 sweepswinner.azureedge.net/Sweepstakes/img/vacation.svg
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint05:FC:82:4E:BB:AC:BF:9E:BD:A4:C5:50:C4:8C:40:76:EC:F8:FD:A6
ValiditySun, 08 Oct 2023 04:19:55 GMT - Wed, 02 Oct 2024 04:19:55 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2794), with no line terminators
Hash d86fa17851c84b16875dbeae961ea8f1
7c3cfa2201de5efe7893875d9382598f9a61d1cf
8fa9d20819c3f315871608895d66493b70510bb38b2cc0bfe852457cb98115c0
GET /Sweepstakes/img/vacation.svg HTTP/1.1
Host: sweepswinner.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-encoding: br
last-modified: Fri, 03 Nov 2023 19:16:56 GMT
accept-ranges: bytes
etag: "084534f8aeda1:0"
x-cache: TCP_REMOTE_HIT
x-powered-by: ASP.NET
x-azure-ref-originshield: 07qRjZQAAAABVD0oR0lqcSLIBoLkTzpafQU1TMDRFREdFMTkxMwAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
x-azure-ref: 07qRjZQAAAAA2cMDWz+iPSqFzvuZrGzjzU1ZHMjBFREdFMDYwOAAyOWM0MTYyZS0xMjJmLTRkZmItYmMxMy01ZjgxYjhhYTdjM2Q=
date: Sun, 26 Nov 2023 20:05:02 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:300,400,600,800
142.250.74.106200 OK 6.7 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Raleway:300,400,600,800
IP 142.250.74.106:443
Requested by https://www.sweepswinner.com/Sweepstakes/ApplyStepOneEmail?sfid=30&ns=wax-2&cdn=1&isrevc=0&nscpa=1&crp=rh&oid=948&tid=f8424a00fad1482aaea5550de6fd5f41&aid=730762&c1=&c2=&c3=&isrxmg=0&email=&first=&last=&address=&zip=&hphone1=&hphone2=&hphone3=&dobday=&dobmonth=&dobyear=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (6840), with no line terminators
Hash 125f0894deefd82d23e72279d3d38b91
d45407e1148216ce0e37748826fd84af3abc8fff
6c3b9f521e76cb04257a6b5d54d122d92e03255d943a2f834961162c9e2b45cb
GET /css?family=Raleway:300,400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.sweepswinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 26 Nov 2023 20:05:02 GMT
date: Sun, 26 Nov 2023 20:05:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2