ca-pumpitpas.lpca.ohyousweeps.com Open in urlscan Pro
172.66.0.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://frstlinksthenleads.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0
Effective URL:
https://ca-pumpitpas.lpca.ohyousweeps.com/
Submission: On November 13 via api (November 13th 2024, 3:41:23 am UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 65 HTTP transactions. The main IP is 172.66.0.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca-pumpitpas.lpca.ohyousweeps.com.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.

This is the only time ca-pumpitpas.lpca.ohyousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.253.66.248 34.253.66.248	16509 (AMAZON-02) (AMAZON-02)
1 2	52.49.22.231 52.49.22.231	16509 (AMAZON-02) (AMAZON-02)
31	172.66.0.96 172.66.0.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 5	3.208.53.61 3.208.53.61	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:7600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.67.181.103 172.67.181.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.99.63 13.32.99.63	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
9	139.45.197.253 139.45.197.253	9002 (RETN-AS) (RETN-AS)
4	54.86.47.14 54.86.47.14	14618 (AMAZON-AES) (AMAZON-AES)
1	107.20.102.130 107.20.102.130	14618 (AMAZON-AES) (AMAZON-AES)
3	54.87.200.169 54.87.200.169	14618 (AMAZON-AES) (AMAZON-AES)
65	14

1 34.253.66.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-66-248.eu-west-1.compute.amazonaws.com

frstlinksthenleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.22.231 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-22-231.eu-west-1.compute.amazonaws.com

znqroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
affslinksfirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.66.0.96 (United States)

ASN13335 (CLOUDFLARENET, US)

ca-pumpitpas.lpca.ohyousweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.208.53.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-53-61.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:7600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.181.103 (United States)

ASN13335 (CLOUDFLARENET, US)

im.eu-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.86.47.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-47-14.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.102.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-102-130.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.87.200.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-200-169.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	ohyousweeps.com ca-pumpitpas.lpca.ohyousweeps.com	723 KB
12	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 8080 cdn.pushnami.com — Cisco Umbrella Rank: 19537 psp.pushnami.com — Cisco Umbrella Rank: 25939 fpc.pushnami.com — Cisco Umbrella Rank: 210091 trc.pushnami.com — Cisco Umbrella Rank: 8380	370 KB
9	notix.io notix.io — Cisco Umbrella Rank: 50535	45 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27946 cdn.trustedform.com — Cisco Umbrella Rank: 33076	45 KB
4	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 162324 event.trk-consulatu.com — Cisco Umbrella Rank: 276028	4 KB
1	eu-imageo.com im.eu-imageo.com	163 KB
1	affslinksfirst.com affslinksfirst.com	237 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1021 B
1	znqroot.com 1 redirects znqroot.com	839 B
1	frstlinksthenleads.com 1 redirects frstlinksthenleads.com	306 B
0	Failed function sub() { [native code] }. Failed
65	11

	Domain	Requested by
31	ca-pumpitpas.lpca.ohyousweeps.com	ca-pumpitpas.lpca.ohyousweeps.com
9	notix.io	ca-pumpitpas.lpca.ohyousweeps.com notix.io
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	trc.pushnami.com	api.pushnami.com
3	event.trk-consulatu.com	trk-consulatu.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	ca-pumpitpas.lpca.ohyousweeps.com api.pushnami.com
2	cdn.trustedform.com	api.trustedform.com
1	fpc.pushnami.com	api.pushnami.com
1	trk-consulatu.com	ca-pumpitpas.lpca.ohyousweeps.com
1	im.eu-imageo.com
1	affslinksfirst.com	ca-pumpitpas.lpca.ohyousweeps.com
1	fonts.googleapis.com	ca-pumpitpas.lpca.ohyousweeps.com
1	znqroot.com	1 redirects
1	frstlinksthenleads.com	1 redirects
0	truncated Failed
65	17

This site contains links to these domains. Also see Links.

Domain
ohyousweeps.com

Subject Issuer	Validity	Valid
lpca.ohyousweeps.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.affslinksfirst.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-02-15` - `2025-03-18`	a year	crt.sh
eu-imageo.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
trk-consulatu.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2024-07-10` - `2025-08-06`	a year	crt.sh
notix.io E6	`2024-10-25` - `2025-01-23`	3 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ca-pumpitpas.lpca.ohyousweeps.com/
Frame ID: 3C942BE5CFD46E76F24C30B38BEC8432
Requests: 57 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: ACDB0827707D134828F60EF569F79D79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win a Petro Canada Gift Card worth $500

Page URL History Show full URLs

https://frstlinksthenleads.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0 HTTP 302
https://znqroot.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0&ckmguid=c... HTTP 302
https://ca-pumpitpas.lpca.ohyousweeps.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

65
Requests

98 %
HTTPS

14 %
IPv6

11
Domains

17
Subdomains

14
IPs

5
Countries

1350 kB
Transfer

3050 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ohyousweeps.com/canada/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://frstlinksthenleads.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0 HTTP 302
https://znqroot.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0&ckmguid=c3177fb3-c4bd-479d-8da2-f2c4fe329f66 HTTP 302
https://ca-pumpitpas.lpca.ohyousweeps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ca-pumpitpas.lpca.ohyousweeps.com/
Redirect Chain

https://frstlinksthenleads.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0
https://znqroot.com/?a=1850&oc=35091&c=67613&m=7&s1=731341&s2=67316f1443802f0001840cc0&ckmguid=c3177fb3-c4bd-479d-8da2-f2c4fe329f66
https://ca-pumpitpas.lpca.ohyousweeps.com/

50 KB
10 KB

570ms
387ms

Document
text/html

172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 7ddf6a74fe75129146bb3f07b58000981678b998ecc4aa71ad5bbdb8d1883921

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: MISS
cf-ray: 8e1bbebb3bcee50d-TXL
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 03:41:15 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
x-do-orig-status: 200
x-nextjs-cache: STALE
x-powered-by: Next.js

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Nov 2024 03:41:14 GMT
Location: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 a2dd5b9aede6e6d2.css
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/ 122 KB
21 KB 423ms
422ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/a2dd5b9aede6e6d2.css
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3c653f7c6168dc0875113b4efa11458d403099aad659885936a7225b3e719d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1e7a6-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdcfb5e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 webpack-8e9f799007872b30.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 6 KB
3 KB 393ms
393ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f26ddc07cf4c6fff8ecdf9039a650fff0e00c8d118fc4215de442241165ffd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"194e-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdcfb7e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 framework-314c182fa7e2bf37.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 138 KB
45 KB 504ms
502ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/framework-314c182fa7e2bf37.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"226cf-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe3e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 main-407d6493f1476c1f.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 124 KB
37 KB 434ms
433ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a5ac9d1fb9e82e28bc45c4c6679978dffcebb48005912ed948342cba2080e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1efab-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe5e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _app-b95cb12bd39af812.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/pages/ 301 KB
88 KB 500ms
498ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-b95cb12bd39af812.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 444c39fad9d22bbcddba96a32df717cf13a1aba504ac2bb50cd55725d7194c45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"4b5e4-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe6e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 b637e9a5-af501d1d7b629672.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 85 KB
30 KB 478ms
477ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/b637e9a5-af501d1d7b629672.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f02f38a92903a74aff3d45e16895c39a63a533aea698c41cf69ce89fa7d2ce5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"152b2-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe7e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 4870-09253cbb3653b9f3.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 358 KB
113 KB 567ms
566ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/4870-09253cbb3653b9f3.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad6bbfa96aa5a10e94f05d4cad856e2dab931e53e079c962f565d8251a90c21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"596f5-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe8e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 %5Blandingpage%5D-9d7b10212451537b.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/pages/landingpages/ 129 KB
29 KB 546ms
545ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-9d7b10212451537b.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc88b4a19207c400c0aa5c8fd968b57c51bceda902ca3b9301e286a3382ce5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"204aa-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefe9e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _buildManifest.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/fxFbAClGIFmv93L1Ip8ym/ 649 B
622 B 381ms
380ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/fxFbAClGIFmv93L1Ip8ym/_buildManifest.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71fa4416b47ecdf60c5e09d6542a014b39db5ac8797f396a3da08432a4eb7682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: MISS
etag: W/"289-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefeae50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _ssgManifest.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/fxFbAClGIFmv93L1Ip8ym/ 119 B
354 B 316ms
315ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/fxFbAClGIFmv93L1Ip8ym/_ssgManifest.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: MISS
etag: W/"77-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbebdefebe50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 140ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/a2dd5b9aede6e6d2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77ab64cceae5115ff453740351c36a92b4c72d02e4e5f40d4eba4f8259a7ac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 03:41:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 13 Nov 2024 02:49:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 cb1608f2.c1c43c468e7a37db.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 633 KB
206 KB 585ms
584ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/cb1608f2.c1c43c468e7a37db.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71178537b81385c9a38521c1b58bf6f8247065e743f23567e1d7626825a3f1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"9e3bb-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec27ed3e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 7814.87a4ee4186a570e3.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 42 KB
15 KB 424ms
423ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/7814.87a4ee4186a570e3.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2563c9889ab740821a772b23a8d117ff9a47114fe7dbd4082883e0014449d4c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"a875-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec27ed5e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 5b641e9bca8c675e.css
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/ 2 KB
735 B 353ms
353ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/5b641e9bca8c675e.css
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e24c5ffbef0c1a864af8454cc95ffcb4d406324b4ddca1a6ebfc05e66c2883c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"64e-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec27ed6e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 4847.66b5ad388c41d182.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 13 KB
4 KB 318ms
317ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/4847.66b5ad388c41d182.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cb6bd3ed37db09fc8058d4cdb4ad60abe65d42f4d07a4dd5dbc9b41027af59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"3446-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec27ed8e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H/1.1 200
OK p.ashx Show response
affslinksfirst.com/ 2 B
237 B 408ms
285ms Fetch
text/plain 52.49.22.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affslinksfirst.com/p.ashx?o=28980&en=evt01&t=2325587314&r=2325587314
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-b95cb12bd39af812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.49.22.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-22-231.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

Cache-Control: private
Content-Length: 2
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 13 Nov 2024 03:41:16 GMT
Content-Type: text/plain; charset=utf-8
Connection: close

GET
H3 404 undefined
ca-pumpitpas.lpca.ohyousweeps.com/ 2 KB
1021 B 315ms
315ms Other
text/html 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 49b0771a0e58cc5a9702637b417e2c3046093fc6a141fa8368fb1254d5c6b28e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
cf-cache-status: MISS
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec29f02e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 404

GET
H3 200 pushNami.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/scripts/ 1 KB
771 B 431ms
430ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/pushNami.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cf-cache-status: MISS
etag: W/"432-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec29f11e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false

16 KB
6 KB

330ms
239ms

Script
application/javascript

2600:9000:223d:7600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:223d:7600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 152d57a9293a85d2758de71c07809b0c3d89b3b9d9912567e3be5188a3224efe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-version-id: Z.oQAZ7l0zbfKPEDMrnY0ROFWsxp5boJ
etag: W/"d5c5b2e94b6772f5b3a92d7dc338ef7c"
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: QlA0bNLKoHpLzLklD7SpMLxdU_FNjNB_n4FGU-lsV0wpbxnv-OBW4g==
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 11 Nov 2024 14:05:51 GMT

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false
content-length: 134
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: text/html
server: awselb/2.0

GET
H3 200 notifyAI.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/scripts/ 532 B
523 B 312ms
311ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/notifyAI.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=0
content-encoding: br
cf-cache-status: MISS
etag: W/"214-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec29f14e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 1628616645_petro-ca.png
im.eu-imageo.com/upload/ 163 KB
163 KB 152ms
71ms Other
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://im.eu-imageo.com/upload/1628616645_petro-ca.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a904d624bad5fc1f824fa681f6364a49bbed817af3bde801edf729c3f6cef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cf-cache-status: REVALIDATED
etag: "6112b7c5-28a8b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nd8t6%2B9A9qclP0qLRkWwsFyfPRnyBg6nsOZQHZxuie%2FiFAKl4aj2bu%2BNzj9%2BhGnbhtVZsx0EcnnI3ddplNHLcr54kOi27ce2xH785zJpxf5ZxzG57pnigusX6DKkkPz0PMRW"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37540&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4335&delivery_rate=84078&cwnd=12000&unsent_bytes=0&cid=ec5409d320af976a&ts=76&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 03:41:16 GMT
content-type: image/png
last-modified: Tue, 10 Aug 2021 17:30:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e1bbec3795d361d-FRA
accept-ranges: bytes
content-length: 166539
server: cloudflare

GET
H3 200 z0grz0mex9 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
4 KB 303ms
233ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-pumpitpas.lpca.ohyousweeps.com&alturl=/

Requested by

Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/notifyAI.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zC%2FxZo85VN7RZhTPy%2FRqxg7%2Bkqb6IAsxY%2BqH2hwhoMO4bCUC5uBFoBzVwQ3i7vFTGGDj0MNhYrWT8T2PdJCHToETdGmmGa2QoLVibAcbhDySTGhI4zXsGWv96dKX0hWMqQA1mA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47755&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4172&recv_bytes=4427&delivery_rate=382&cwnd=12000&unsent_bytes=0&cid=8e81ae0b42f4ce32&ts=240&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 13 Nov 2024 03:41:17 GMT
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e1bbec52c4b9e45-CDG
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
content-length: 2520
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 62a7807cf9e9090013c65cc7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 101 KB
21 KB 148ms
46ms Script
application/javascript 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/pushNami.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: /
Resource Hash: 6bd9ef960f284a0987acb1bf0c3923388978922abf60704cb40c008ddbfaf1a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: no-cache
content-encoding: gzip
age: 588
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 1-sqgTqL4ZgkRA55LiRlGsKyb2WwrDchmjsLSq-XGpGJcioC5S7uyQ==
date: Wed, 13 Nov 2024 03:31:29 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: FRA60-P3

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 129ms
41ms Script
application/javascript 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

vary: accept-encoding
content-encoding: gzip
etag: W/"09467cbbdfbe0b4f7131476215348a19"
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
age: 905
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: FuDg7BinS-dTby8zjQpMzpTVKXALWl95y0spwW_2BjYJ6V-aA0JZNQ==
date: Wed, 13 Nov 2024 03:26:13 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame ACDB 0
0 112ms
38ms Document
text/html 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-63.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1847
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 03:10:30 GMT
vary: accept-encoding
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-id: wMRNsuSFHoBsdvyeDej3YJJf4_3p7chEKJAueeBVYoQSqVu49mQcYw==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 49ms
48ms Script
application/javascript 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 3554
x-cache: Hit from cloudfront
x-amz-cf-id: myin-vCwdlVy8BHb5Xf6iTnmrHKC2036ngbP60teDJF1BKpYEc3ElA==
date: Wed, 13 Nov 2024 02:42:44 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 340965
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 3641.f9cbda900bdd467d.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 3 KB
2 KB 326ms
325ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/3641.f9cbda900bdd467d.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cd8ef826e33c8d3f19c9206149045926e77f2256f7a480069bdde8183dcea9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"c0a-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e83e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 6384.13a7b5f0e3b26e10.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 402ms
401ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/6384.13a7b5f0e3b26e10.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8463942953199c216a5a7cb6ce292267b02b68eee7a0f83aea43dfa16d0dc64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"117a-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e85e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 3426.11bcb0575531ad0b.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 7 KB
3 KB 371ms
370ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/3426.11bcb0575531ad0b.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfdb31409fcb0742975e76d2cfebf8223c2ae2cb0e1227eb223b067c29de4dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1b80-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e86e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 8910.023027ff64c7da19.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 1 KB
973 B 357ms
356ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/8910.023027ff64c7da19.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90c3f7d3a0c9ea479426734e372b2a5e26f8d182419905262a82129c39c8f7aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"493-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e87e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 image
ca-pumpitpas.lpca.ohyousweeps.com/_next/ 15 KB
15 KB 498ms
498ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-pumpitpas.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=100

Requested by

Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cf-cache-status: MISS
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=14400, must-revalidate
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e88e50d-TXL
accept-ranges: bytes
content-length: 15320
x-nextjs-cache: STALE
server: cloudflare
x-do-orig-status: 200

GET
H3 200 image
ca-pumpitpas.lpca.ohyousweeps.com/_next/ 55 KB
55 KB 525ms
524ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-pumpitpas.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.eu-imageo.com%2Fupload%2F1628616645_petro-ca.png&w=640&q=100

Requested by

Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1234672c218e49132326095baba7f217c6df8278d644b7a6745532388e72611

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cf-cache-status: MISS
etag: 8SNGcsIY5JEyMmCVurp-IXxt+CeNZEt6Z0VTI4jnJhE=
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-disposition: inline; filename="1628616645_petro-ca.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=14400, must-revalidate
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec76e8ae50d-TXL
accept-ranges: bytes
content-length: 56050
x-nextjs-cache: STALE
server: cloudflare
x-do-orig-status: 200

GET
H3 200 eafabf029ad39a43-s.p.woff2
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/media/ 8 KB
8 KB 326ms
325ms Font
font/woff2 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/media/eafabf029ad39a43-s.p.woff2
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/5b641e9bca8c675e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/5b641e9bca8c675e.css

Response headers

cache-control: public, max-age=31536000, immutable
cf-cache-status: MISS
etag: W/"1edc-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec78e9be50d-TXL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7900
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 notix.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/scripts/ 257 B
436 B 325ms
325ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/notix.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=0
content-encoding: br
cf-cache-status: MISS
etag: W/"101-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec79ebce50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 b957ea75a84b6ea7-s.p.woff2
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/media/ 8 KB
8 KB 328ms
327ms Font
font/woff2 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/media/b957ea75a84b6ea7-s.p.woff2
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/5b641e9bca8c675e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/css/5b641e9bca8c675e.css

Response headers

cache-control: public, max-age=31536000, immutable
cf-cache-status: MISS
etag: W/"1ea8-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec7aed9e50d-TXL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7848
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

POST
H2 201 certs Show response
api.trustedform.com/ 474 B
685 B 350ms
117ms XHR
application/json 3.208.53.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.53.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-53-61.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba423909d9037ce37a344c4b151650fe375add0a601e46b2cc16d2e1341f6246

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 474
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/json; charset=utf-8
server: Cowboy

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 142 KB
43 KB 173ms
44ms Script
application/javascript 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/scripts/notix.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: no-cache
content-encoding: gzip
etag: W/"65f18b52-2380d"
pragma: no-cache
access-control-allow-credentials: true
date: Wed, 13 Nov 2024 03:41:17 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:38 GMT
server: nginx

GET
H3 200 7569.12ebc157af1231ab.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 13 KB
4 KB 361ms
360ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/7569.12ebc157af1231ab.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8f2d4fcbba5ef62deffd8473c65a02c95fc7b2617e9f4f962f94cc046470d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"3524-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec9d9c5e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 2273.7a45f4f48f75fc73.js Show response
ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 328ms
327ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/2273.7a45f4f48f75fc73.js
Requested by: Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/webpack-8e9f799007872b30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8595aeb3cc8c44e5f4a225e5198a580b21940fb8905a93240a6e5deca1aae6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1115-49773873e8"
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbec9d9c7e50d-TXL
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
220 B 120ms
119ms Fetch
application/json 54.86.47.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.47.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-47-14.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0d7143481678f3bf3fceab721cfb554de756cc6ba5d59615040e45d47dce2699

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-allow-origin: *
content-length: 61
date: Wed, 13 Nov 2024 03:41:18 GMT
etag: W/"3d-bgee6Kgg3Q8pE/BeesUYL//zVTs"
content-type: application/json; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 367ms
117ms Preflight 54.86.47.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.47.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-47-14.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 13 Nov 2024 03:41:18 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 trustedform-1.9.29.js Show response
cdn.trustedform.com/ 99 KB
37 KB 45ms
45ms Script
application/javascript 2600:9000:223d:7600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.29.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17314692765580.9086178838465213&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe6726f829bed6a0d5654d36b50e1d9fc4184666cd5510f1773da8d810909906

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-version-id: w2ikE3uYON.yI6FxOBBOWYKERFqpArBe
etag: W/"6ec4a7d1c6d89b4b842514b9a92fbbe7"
age: 14
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bQZUT9FPrlmAK2trJkZnhVmmyYHADcUdPm04YN2uoEM6lJcXBQXh1w==
date: Wed, 13 Nov 2024 03:41:04 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 11 Nov 2024 14:05:51 GMT

GET
H3 200 image
ca-pumpitpas.lpca.ohyousweeps.com/_next/ 15 KB
16 KB 410ms
410ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-pumpitpas.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=100

Requested by

Host: ca-pumpitpas.lpca.ohyousweeps.com
URL: https://ca-pumpitpas.lpca.ohyousweeps.com/_next/static/chunks/main-407d6493f1476c1f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cf-cache-status: MISS
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=14400, must-revalidate
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbecb5c63e50d-TXL
accept-ranges: bytes
content-length: 15320
x-nextjs-cache: STALE
server: cloudflare
x-do-orig-status: 200

GET
H2 200 settings Show response
notix.io/ 106 B
372 B 48ms
47ms Fetch
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0&ver=0.16.4

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

strict-transport-security: max-age=1
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
content-length: 106
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 event
notix.io/ 15 B
280 B 47ms
44ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

strict-transport-security: max-age=1
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
content-length: 15
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 200 event
notix.io/ Frame 0
0 131ms
43ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 13 Nov 2024 03:41:18 GMT
server: nginx

GET truncated
/ Frame 0
0

POST
H2 204 snapshot Show response
api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/ 0
159 B 121ms
118ms XHR
text/plain 3.208.53.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.53.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-53-61.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Wed, 13 Nov 2024 03:41:18 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/ 0
159 B 120ms
118ms XHR
text/plain 3.208.53.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.53.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-53-61.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Wed, 13 Nov 2024 03:41:18 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 200 event
notix.io/ 15 B
280 B 49ms
46ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

strict-transport-security: max-age=1
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
content-length: 15
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 200 event
notix.io/ Frame 0
0 54ms
44ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 13 Nov 2024 03:41:18 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
280 B 47ms
44ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

strict-transport-security: max-age=1
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
content-length: 15
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 200 event
notix.io/ Frame 0
0 53ms
44ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 13 Nov 2024 03:41:18 GMT
server: nginx

GET
H3 200 image
ca-pumpitpas.lpca.ohyousweeps.com/_next/ 158 B
507 B 329ms
328ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-pumpitpas.lpca.ohyousweeps.com/_next/image?url=%2Fimages%2FgreaterThan.png&w=16&q=100

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

cf-cache-status: MISS
etag: XDiUxnOtomZFH-O1zHX65Dz6Dx4HWgDtTAn1Pf38hwM=
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 03:41:18 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-disposition: inline; filename="greaterThan.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=60, must-revalidate
x-do-app-origin: 81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray: 8e1bbecc2e0de50d-TXL
accept-ranges: bytes
content-length: 158
x-nextjs-cache: STALE
server: cloudflare
x-do-orig-status: 200

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 379ms
377ms Fetch
text/html 54.86.47.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.47.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-47-14.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62a7807cf9e9090013c65cc7
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Wed, 13 Nov 2024 03:41:18 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 143ms
142ms Preflight 54.86.47.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.47.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-47-14.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 13 Nov 2024 03:41:18 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 check
fpc.pushnami.com/psfp/0142bb96-ee1c-4d10-a60e-f0759bcbefea/ 0
0 376ms
125ms Fetch 107.20.102.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/0142bb96-ee1c-4d10-a60e-f0759bcbefea/check?websiteId=62a7807cf9e9090013c65cc6&psfpv4=4e3a230f-6bac-52b8-829b-6629a8051c5e
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.102.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-102-130.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

x-request-id: YxUEdelqCpOzvWqPFp4UToLot5uqLv1k
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Nov 2024 03:41:18 GMT
vary: Origin

OPTIONS
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ Frame 0
0 278ms
222ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e1bbed01e063834-FRA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Wed, 13 Nov 2024 03:41:18 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dLOpyQLfTJMyN%2Ba3j%2FYn4KiZ%2BStAxrIKw7lJdJYKG6CJifdyAruzZa9ZQLODr6Ct0OS%2FkwnBtdFEquxuJQBTVKEEljXiwIfMOgTxUaX4pvijZLmpwgATPaKrroiqc%2BKdpf3WYeHWCGDoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37380&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4468&delivery_rate=446&cwnd=12000&unsent_bytes=0&cid=2584a53bd565496c&ts=229&x=1" cfHdrFlush;dur=0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 135ms
134ms Fetch 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-pumpitpas.lpca.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vghiuYCmB76nkXgFnsXi%2BKg9fS2z%2FY06%2F22jXXfWC%2FrHctU22rtIrQxleEt0%2F%2FpE80hQudERwjW7S8mYRF7LyhVp8FiU4Ldg6Co11YcttTRq%2B6acrb04RyjCEE%2FBnkePXJszeDzWkpuvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37357&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5422&recv_bytes=5055&delivery_rate=33554&cwnd=12000&unsent_bytes=0&cid=2584a53bd565496c&ts=364&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 03:41:19 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: no-cache, no-store, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e1bbed17ea43834-FRA
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 events Show response
api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/ 0
159 B 120ms
119ms XHR
text/plain 3.208.53.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/19c9ef0ea7c2e37f107f7ccce402d435ea3129ab/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.208.53.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-53-61.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Wed, 13 Nov 2024 03:41:18 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 162ms
161ms Fetch
text/html 54.87.200.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.200.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-200-169.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62a7807cf9e9090013c65cc7
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Wed, 13 Nov 2024 03:41:19 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 373ms
134ms Preflight 54.87.200.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.200.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-200-169.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://ca-pumpitpas.lpca.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 13 Nov 2024 03:41:19 GMT

POST
H2 200 event
notix.io/ 15 B
280 B 46ms
45ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

strict-transport-security: max-age=1
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ca-pumpitpas.lpca.ohyousweeps.com
content-length: 15
date: Wed, 13 Nov 2024 03:41:19 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 135ms
133ms Fetch 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-pumpitpas.lpca.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcyRob%2FQucoDaM41VZUXaU49%2BPMF47BeW9SYgfu59PYeoAM%2BlNRry2yr2yfpU1Mr40w1u9342hbmYOkmWHQjw33CcagoNySFGzfCGWMWSr%2FLJzXqFIp6s7sd8F9HIJAlCAr7C07HdT6pLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37315&sent=18&recv=16&lost=0&retrans=0&sent_bytes=6727&recv_bytes=5675&delivery_rate=9535&cwnd=12000&unsent_bytes=0&cid=2584a53bd565496c&ts=2220&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 03:41:20 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: no-cache, no-store, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e1bbedd1b2b3834-FRA
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 119ms
117ms Fetch
text/html 54.87.200.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.200.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-200-169.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 62a7807cf9e9090013c65cc7
Referer: https://ca-pumpitpas.lpca.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Wed, 13 Nov 2024 03:41:21 GMT
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znqroot.com/	1969-12-31 23:59:59	Name: sid Value: TI3QPNfiD40KOlj7MTshjPttucSHdZayYp3wh9NHzY8I3fqCnbz+iw==
.znqroot.com/	1970-01-21 10:33:49	Name: trk Value: Y6GTNNvL4+spNvfNoQJM/fttucSHdZayYp3wh9NHzY8I3fqCnbz+iw==
.znqroot.com/	1970-01-21 01:00:42	Name: c28980 Value: TI3QPNfiD42avjg1BPPCMdgQKwY4ys22aWKJJJkaBoBHPbG2aEuKfw==
.ca-pumpitpas.lpca.ohyousweeps.com/	1970-01-21 00:57:51	Name: __cf_bm Value: _NOvpi5pvR2toeEsb9gq5BEQgBF6GszIc6QQyPP_wgw-1731469279-1.0.1.1-cwWfymlv4MFmqYT_sww8KbKGHi85q.xygpzXxeR1j0bBBXlrzLYFlV8kU0XpHyanw3GOrc9R4CYdR6Et0HJ25Q

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D01C00D4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0106101D4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E06001D4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F08501D4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C08501D4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
other	error	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://ca-pumpitpas.lpca.ohyousweeps.com/#/?reqid=2325587314&oid=28980&a=1850&cid=609547&s1=731341 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affslinksfirst.com
api.pushnami.com
api.trustedform.com
ca-pumpitpas.lpca.ohyousweeps.com
cdn.pushnami.com
cdn.trustedform.com
event.trk-consulatu.com
fonts.googleapis.com
fpc.pushnami.com
frstlinksthenleads.com
im.eu-imageo.com
notix.io
psp.pushnami.com
trc.pushnami.com
trk-consulatu.com
truncated
znqroot.com
truncated
107.20.102.130
13.32.99.63
139.45.197.253
172.66.0.96
172.67.181.103
18.244.18.27
188.114.97.3
2600:9000:223d:7600:1c:7f1a:6680:93a1
2a00:1450:4001:802::200a
3.208.53.61
34.253.66.248
52.49.22.231
54.86.47.14
54.87.200.169
096a904d624bad5fc1f824fa681f6364a49bbed817af3bde801edf729c3f6cef
0d7143481678f3bf3fceab721cfb554de756cc6ba5d59615040e45d47dce2699
1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226
152d57a9293a85d2758de71c07809b0c3d89b3b9d9912567e3be5188a3224efe
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
2563c9889ab740821a772b23a8d117ff9a47114fe7dbd4082883e0014449d4c0
2b3c653f7c6168dc0875113b4efa11458d403099aad659885936a7225b3e719d
2f02f38a92903a74aff3d45e16895c39a63a533aea698c41cf69ce89fa7d2ce5
3ad6bbfa96aa5a10e94f05d4cad856e2dab931e53e079c962f565d8251a90c21
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
3fc88b4a19207c400c0aa5c8fd968b57c51bceda902ca3b9301e286a3382ce5f
444c39fad9d22bbcddba96a32df717cf13a1aba504ac2bb50cd55725d7194c45
457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12
49b0771a0e58cc5a9702637b417e2c3046093fc6a141fa8368fb1254d5c6b28e
4e24c5ffbef0c1a864af8454cc95ffcb4d406324b4ddca1a6ebfc05e66c2883c
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb
5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
6bd9ef960f284a0987acb1bf0c3923388978922abf60704cb40c008ddbfaf1a3
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
6f26ddc07cf4c6fff8ecdf9039a650fff0e00c8d118fc4215de442241165ffd5
71fa4416b47ecdf60c5e09d6542a014b39db5ac8797f396a3da08432a4eb7682
77ab64cceae5115ff453740351c36a92b4c72d02e4e5f40d4eba4f8259a7ac7c
7cd8ef826e33c8d3f19c9206149045926e77f2256f7a480069bdde8183dcea9f
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
7ddf6a74fe75129146bb3f07b58000981678b998ecc4aa71ad5bbdb8d1883921
8d8595aeb3cc8c44e5f4a225e5198a580b21940fb8905a93240a6e5deca1aae6
90c3f7d3a0c9ea479426734e372b2a5e26f8d182419905262a82129c39c8f7aa
a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0
a7a5ac9d1fb9e82e28bc45c4c6679978dffcebb48005912ed948342cba2080e9
a7cb6bd3ed37db09fc8058d4cdb4ad60abe65d42f4d07a4dd5dbc9b41027af59
a8463942953199c216a5a7cb6ce292267b02b68eee7a0f83aea43dfa16d0dc64
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
ba423909d9037ce37a344c4b151650fe375add0a601e46b2cc16d2e1341f6246
be8f2d4fcbba5ef62deffd8473c65a02c95fc7b2617e9f4f962f94cc046470d6
bfdb31409fcb0742975e76d2cfebf8223c2ae2cb0e1227eb223b067c29de4dfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
e71178537b81385c9a38521c1b58bf6f8247065e743f23567e1d7626825a3f1a
ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
f1234672c218e49132326095baba7f217c6df8278d644b7a6745532388e72611
fe6726f829bed6a0d5654d36b50e1d9fc4184666cd5510f1773da8d810909906
fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

ca-pumpitpas.lpca.ohyousweeps.com Open in urlscan Pro 172.66.0.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

14 %IPv6

11 Domains

17 Subdomains

14 IPs

5 Countries

1350 kBTransfer

3050 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ca-pumpitpas.lpca.ohyousweeps.com Open in urlscan Pro
172.66.0.96 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

14 %
IPv6

11
Domains

17
Subdomains

14
IPs

5
Countries

1350 kB
Transfer

3050 kB
Size

4
Cookies

65 HTTP transactions
1 data transactions