Submitted URL: http://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103
Effective URL: https://us-nicdonalds-tp.yousweeps.com/
Submission: On June 22 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 58 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-nicdonalds-tp.yousweeps.com.
TLS certificate: Issued by WE1 on June 15th 2024. Valid for: 3 months.
This is the only time us-nicdonalds-tp.yousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 34.252.193.177 16509 (AMAZON-02)
30 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 54.226.230.157 14618 (AMAZON-AES)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.173.187.93 16509 (AMAZON-02)
2 18.244.18.36 16509 (AMAZON-02)
1 18.173.187.20 16509 (AMAZON-02)
4 54.173.117.0 14618 (AMAZON-AES)
4 18.233.149.30 14618 (AMAZON-AES)
1 13.32.23.225 16509 (AMAZON-02)
1 34.193.209.42 14618 (AMAZON-AES)
4 3.226.49.66 14618 (AMAZON-AES)
58 15
Apex Domain
Subdomains
Transfer
27 yousweeps.com
us-nicdonalds-tp.yousweeps.com
519 KB
13 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 6938
cdn.pushnami.com — Cisco Umbrella Rank: 15883
psp.pushnami.com — Cisco Umbrella Rank: 23242
fpc.pushnami.com — Cisco Umbrella Rank: 463906
trc.pushnami.com — Cisco Umbrella Rank: 6710
369 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 24046
cdn.trustedform.com — Cisco Umbrella Rank: 29437
43 KB
4 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13933
2 KB
3 d-promo.com
lpapi.d-promo.com
234 KB
2 us-imageo.com
im.us-imageo.com
462 KB
2 frstafflinks.com
frstafflinks.com
846 B
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 21704
39 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
964 B
1 znqroot.com
znqroot.com
836 B
58 11
Domain Requested by
27 us-nicdonalds-tp.yousweeps.com us-nicdonalds-tp.yousweeps.com
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 trc.pushnami.com api.pushnami.com
4 psp.pushnami.com cdn.pushnami.com
api.pushnami.com
4 create.leadid.com create.lidstatic.com
3 lpapi.d-promo.com us-nicdonalds-tp.yousweeps.com
2 cdn.pushnami.com api.pushnami.com
2 api.pushnami.com us-nicdonalds-tp.yousweeps.com
api.pushnami.com
2 im.us-imageo.com
2 cdn.trustedform.com api.trustedform.com
2 frstafflinks.com 2 redirects
1 fpc.pushnami.com api.pushnami.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com us-nicdonalds-tp.yousweeps.com
1 fonts.googleapis.com us-nicdonalds-tp.yousweeps.com
1 znqroot.com 1 redirects
58 16

This site contains links to these domains. Also see Links.

Domain
yousweeps.com
customercare.today
Subject Issuer Validity Valid
yousweeps.com
WE1
2024-06-15 -
2024-09-13
3 months crt.sh
upload.video.google.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
d-promo.com
WE1
2024-06-22 -
2024-09-20
3 months crt.sh
lidstatic.com
E1
2024-05-25 -
2024-08-23
3 months crt.sh
us-imageo.com
E1
2024-05-08 -
2024-08-06
3 months crt.sh
*.pushnami.com
Amazon RSA 2048 M02
2024-02-03 -
2025-03-03
a year crt.sh
create.leadid.com
Amazon RSA 2048 M02
2023-08-21 -
2024-09-17
a year crt.sh
*.trustedform.com
Amazon RSA 2048 M03
2023-08-11 -
2024-09-07
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03
2024-02-13 -
2025-03-13
a year crt.sh

This page contains 3 frames:

Primary Page: https://us-nicdonalds-tp.yousweeps.com/
Frame ID: 4E963402DE6319BFC7CF66ADEA1FF4D8
Requests: 53 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 1241011B631555EE50639857FEEFE4D4
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: C5A23CB01E9D442FDBF178B0CE183940
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Win a $100 McDonalds Gift Card

Page URL History Show full URLs

  1. http://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103 HTTP 307
    https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103 HTTP 302
    https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-r... HTTP 302
    https://znqroot.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-r... HTTP 302
    https://us-nicdonalds-tp.yousweeps.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Page Statistics

58
Requests

98 %
HTTPS

33 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

1679 kB
Transfer

3539 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103 HTTP 307
    https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103 HTTP 302
    https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-redir=1&ckmxid=cprifi5r00006k07pnl0 HTTP 302
    https://znqroot.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-redir=1&ckmxid=cprifi5r00006k07pnl0&ckmguid=dbf14443-9e28-4f06-a01f-9e90a2431115 HTTP 302
    https://us-nicdonalds-tp.yousweeps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
us-nicdonalds-tp.yousweeps.com/
Redirect Chain
  • http://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103
  • https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103
  • https://frstafflinks.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-redir=1&ckmxid=cprifi5r00006k07pnl0
  • https://znqroot.com/?a=1313&oc=30336&c=61212&m=7&s1=250806&s3=sweeps&s2=1528057815&s4=19103&ch-redir=1&ckmxid=cprifi5r00006k07pnl0&ckmguid=dbf14443-9e28-4f06-a01f-9e90a2431115
  • https://us-nicdonalds-tp.yousweeps.com/
71 KB
9 KB
Document
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
f39166fb546e406c041b9ca885a8d10167fc489929996c697ec6de8365d2788b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=3600, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
897eb0459d762bae-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 19:36:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09%2FOfoGaaPwn1HCcpXnbJ0H0G3Nmgr6q1mL1XNaj8oxUEA8S2Cj6NTcL1UWx%2BGfhkSMoeIOuWHRcq5ZJQmQ6ptxRhienO1uVGB4c%2FAwTNoVUV17BZQeUyRQttIIlCFLqDq466OIWIpnI4%2BGDR9FwZLsAm0kSL3qCX%2B5F%2Ff4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
x-nextjs-cache
HIT
x-powered-by
Next.js

Redirect headers

Cache-Control
private
Connection
close
Content-Length
229
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Jun 2024 19:36:40 GMT
Location
https://us-nicdonalds-tp.yousweeps.com/#/?reqid=2317233877&oid=24331&a=1313&cid=524847&s1=250806
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
c92405fb728e0c3f.css
us-nicdonalds-tp.yousweeps.com/_next/static/css/
114 KB
20 KB
Stylesheet
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/css/c92405fb728e0c3f.css
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51761027c3827b6b88ec1c7e38560edbd92e1422281d5ced264dffc63ab85e09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"1c7ae-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoIHOuSjLhi5p1UObz3mQupsn32A8x8bO52tLSZAfln0fOiQYKPXaO7xJSNYeYpn%2FKfFdOBereV9mMGkR3k1c2DMukCS109OYE58ucwkGUaEb%2BSV0W0rjQ%2FrLBvjxBeaIN8Z4cHztbhtqDhbPnioevpEY75Zdpk%2F8Ov8Zvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047c8a02bae-FRA
alt-svc
h3=":443"; ma=86400
webpack-11741ab7930e7a04.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6cc28f8d2572a43b7e58d7a7184cc496f1c184c738509a5fbaf2721a2e4b6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"1840-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANXBXOXIB7HfNBqrQlKvzVOvWaXzc%2B9gul4uP9Be8SOnESara38YKhSBfLl6MDoqBA3AsGPrDh4xYMF7Cpv%2BcWZAnpdW1NH2hsqLkWFlV1z642EVPmkcxxIicjV61mV0qsqEVkXxObcTWXMajqI3sgjODQJqVpj9nKFu1BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047c8a42bae-FRA
alt-svc
h3=":443"; ma=86400
framework-92a422f151f77ddb.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"226b9-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inGQixbGSzZWQrY6CSzXTsD4J603uXjlKIgpZWlQZeBLpCqQQmndl4xtZX5sxAsP%2BdVIP9HzMcDyKRgakQO6osgd7gtMhq1hnimH%2BR89j4A6AU75kefeBiEplVzENw01IyskPIj8Wbajx9UKnW29f7ka9LJ3URGtdJGJDuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8b82bae-FRA
alt-svc
h3=":443"; ma=86400
main-3ddcad86c0b8c094.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
124 KB
37 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"1ee6b-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opNqiOzTIcfd2s0LidQSxThUplpYcFLhXGJCk41SnSxZLiJbQdtWd2%2F13BuJfZb%2Flx5dmRoMBD8dG6HsZszAd%2BTKciBEY5JetNJpbTKVDiWhTGJmr6OTAujFaZ29dyanQV0XRLJtdiSxGAWkVd%2Fvjwgc6z1o7JLVnfUCS58%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8ba2bae-FRA
alt-svc
h3=":443"; ma=86400
_app-41463df6f76f35e5.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/
305 KB
89 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/_app-41463df6f76f35e5.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1036349b737b04f9ba1daa25245bfa92f457671f07a07be75954c989e147056

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"4c352-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJjSPqfqC8V926twBabMiIw5nGwbcTaOuBADoGo%2FivwvUXbUYlTx0zOjiJNrcuj65p2E%2FpZWo%2F97tcoU5uufmednEZ2AcaLWjEMrupLL4Hr7bOEffAQlgv%2BeYJoRLy3wGzwvHhTES%2FXMTohfIJwd6RPaMA9BKPYB3COfz3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8bd2bae-FRA
alt-svc
h3=":443"; ma=86400
b637e9a5-445986cafd87aa11.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
85 KB
30 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"152b1-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUg3R7xUql0TuPa1qjy8LD2Wjk7vcYNEwZGQCPi1i8BQm4l7a3KdIRC8ME2rmEUoz%2FxtlzGefUbuwRfeEz3WYEKLAja8sVmJ4igxcjpNhktuxNd22dSq63mCUOOqvLglklcJOpRgeI79sWqy5SxMbCu0lYQxydvxG3X8LeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8be2bae-FRA
alt-svc
h3=":443"; ma=86400
4870-ffe4bae46444420d.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
357 KB
113 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"59508-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5%2BbpfrVSyqXN7kv7ZalBi4ZYQPEe1OTdR5lBIXyUGg8Wh7YM8PBTF4UlzHb8pAfmepI%2Bgz1%2FFU%2BWHCqB7FssZnmgaZIh5K%2FNPd2cEsPkpv2t5FYj9hZo6BUp%2BwcFa1nsKxF5TUero7g7EwRjZQa7odUIfjJ7SGDcc%2BmUBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8bf2bae-FRA
alt-svc
h3=":443"; ma=86400
%5Blandingpage%5D-93cb87ca272d168d.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/landingpages/
88 KB
21 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-93cb87ca272d168d.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fdce03581ff3c80e558493f365b4b65c46dacd4bdd507d9e00eefc964db4622

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"16035-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3DnIJ5LqjFGcx0j0O19NYk%2FuNd%2FnwLUCTp0QjEKw%2BKMpg1HewZDzrVcvHBqPjlq%2BXAgsVVNZyuE5v0LzM0dEHppsKL1WeBo%2BSF2E%2BzusIvBbWojqQ7c0jjUZjuE%2BxJisg22kNRmiZyHE4HFchkUuekDowTlLmk%2BMQuxoZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8c02bae-FRA
alt-svc
h3=":443"; ma=86400
_buildManifest.js
us-nicdonalds-tp.yousweeps.com/_next/static/3XvO6Jtb878cuYcxtPA_M/
649 B
763 B
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/3XvO6Jtb878cuYcxtPA_M/_buildManifest.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf07a2a6a6c1c600afbfb8739b6f2a8bea34d72756b0ae300ece18ae75a7655b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
age
205235
x-do-orig-status
200
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
etag
W/"289-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mF6MLx5BtklVpu4ySsbPok%2B7S7wGvXJP69zMlCX%2FmyfMQ0YgA9Gjuq%2BrOrylNPzlgr%2BHIrM5kck3xQVGcePC9BvJKH57iV4SlkH5%2F3%2FgLT0XvJuiUlsrIngZ%2Bwf%2F7mwQ2FUMQ66nCJNIlmZnw%2FBTxsWVI51NkmuDoZD3Y2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8c42bae-FRA
_ssgManifest.js
us-nicdonalds-tp.yousweeps.com/_next/static/3XvO6Jtb878cuYcxtPA_M/
119 B
399 B
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/3XvO6Jtb878cuYcxtPA_M/_ssgManifest.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"77-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MerZGVGY%2FEpJQY9s4X4gSCIzUKdd8upgJyHdnXwiFxzwwcHMsdkhWT7xO%2BBA3Fh09bLcVSH%2FRXWVW5Wl8keoIaoqB5g1wzvZZTdvKkm1ztuVKzdueAWwmI3iSuFhrsqIgaXOVmAD%2Bpa32hCXwrJIYEWHRRnNeTCEi5%2B6GU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb047d8c72bae-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
2 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/css/c92405fb728e0c3f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 22 Jun 2024 18:30:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Jun 2024 19:36:41 GMT
cb1608f2.4b67b4d74d78a099.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/cb1608f2.4b67b4d74d78a099.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"f1f-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tAGBOXErmsVkkgTJgPeAuNfYz5jBUIvsPcuCA5XFnzCPX2VKSRq0BODE4X%2FXhmCvsnbH1F%2F3Cms1eKLsmz%2B6rm50V8ok4NghZgcV2uuGWYf61aHuTMoTekUmcbgU3vrgvo9sttwxGx8%2BUUtiCU21uwgoD9YSg2qWj%2Bno24%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04b3d6e2bae-FRA
alt-svc
h3=":443"; ma=86400
2814.600547a8c4b34b37.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
42 KB
15 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"a81a-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCZyKS3AIhnNSGRbYBlUxLiThZl2R6%2F%2BE0OWshP%2B8M8gzWCv53VMaDQp0dsMwrdH5UO3BlbTyupsUznoftORQvviZ%2FRaT4cWjPRJLEDubW3LXC2K4vFB5Vm2CsjHbPkZMcP431YhvaK2jOsdEQ51kayDwWiFnBIGPAcObQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04b3d742bae-FRA
alt-svc
h3=":443"; ma=86400
e8a71ef503c5cc21.css
us-nicdonalds-tp.yousweeps.com/_next/static/css/
2 KB
886 B
Stylesheet
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af8fdf6bc206540ea16c7d0eb9a03faad5409b6ec70e0f3b08579a13833e0a39

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"98e-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lm7vTVvNr11aaCnl4Dv5XncN8YjiRaM0pVlrw2YiFJY2QpVcT5%2BfqlyNAwpkHtwAh9WdP90REmktjjAQoXzVy%2Foq0N0XOniEbjTlyUG1W5NF7bdhOaG9TZNwkzh1WPX75M84g7jalB7lw5ysD4x6VdZ1QIPlBtIuVYKaqII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04b3d792bae-FRA
alt-svc
h3=":443"; ma=86400
3265.90b408200e79bebb.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/3265.90b408200e79bebb.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6146e8d117267208f21f3e0cd443cc862b2f9610c1cbbb3b1629ef034d3bed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"3194-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnysFXqvUHKpxYaPJsOS%2FKjmhf%2Ft6%2FMRsKx9RNzE03x8eHYAVVxrt15TIXUzvpoScfmykikJOiG%2FBSxXOvuj3uF1ZA%2BMcTvYwqR1JVCNiGKqcila02DaahmKTH%2Fy7uhRQ69MSWmUEXgbvESzGrOxL0DW2k26YNh3KX%2B881U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04b3d7b2bae-FRA
alt-svc
h3=":443"; ma=86400
/
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
307 KB
110 KB
XHR
General
Full URL
https://lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/_app-41463df6f76f35e5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
277ae862e92b0da4383b06533edfc3c839df8b6c14f519e374e7007993c7f175

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.28
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xtPVwjXMoblmOgNG0QqPISSXdZGEu1QrDM0YiQqM97b2gGYXQ%2FFflQag6xlGs%2Bgx8vqCLU4xrJ%2Fnveo6wMHJH9%2B1a7N%2FBVCMaHF8STyOPVpaeIoyaBBz8IC7XU5utDMrKm5fIWyQMcgn9b6HQ%2FAJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://us-nicdonalds-tp.yousweeps.com
access-control-allow-credentials
true
cf-ray
897eb04b9dc41db0-FRA
alt-svc
h3=":443"; ma=86400
/
lpapi.d-promo.com/survey/getSurveyData/32_ads.json/
462 KB
118 KB
XHR
General
Full URL
https://lpapi.d-promo.com/survey/getSurveyData/32_ads.json/
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/_app-41463df6f76f35e5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
db35bc33d6843f825271fa2a5b54b66b81d8640072922a69a03bfd7f45bdd588

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.28
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnbDizid0mj3coDMDf9AiLsep5LWEH8F9%2FXR89RezFc4ORAEtY2Lyp8vR6I2a0uV0ex8Z%2BLtz1LSiLji4w%2F3%2FsP%2FqyARrpaGxLoex%2Bqoxs6NBv7txYA5I4nTGk5jTkCTwrmla92%2BTXM%2BWbllhKea0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://us-nicdonalds-tp.yousweeps.com
access-control-allow-credentials
true
cf-ray
897eb04b9dbf1db0-FRA
alt-svc
h3=":443"; ma=86400
/
lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/
27 KB
6 KB
XHR
General
Full URL
https://lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/_app-41463df6f76f35e5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
61fcb24f36b5cb086c3d9e3b093b7fddf545cb8693182097e0744472c588780a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.28
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X94CPxBx%2BI9wXiu4jhSltz2e9NX3Zp%2Fldzuf7PdcGjoLiJ4MrWMvPkldBvOaysR60npU6DPLsP77AX1xjXuu6kKeX3kmHZKSnjDKZbBWVzk8JQWSl9lcAyNhvScYQdGkaGgRizAIOIggXJEuYVCUoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://us-nicdonalds-tp.yousweeps.com
access-control-allow-credentials
true
cf-ray
897eb04b9dc21db0-FRA
alt-svc
h3=":443"; ma=86400
undefined
us-nicdonalds-tp.yousweeps.com/
2 KB
1 KB
Other
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1c8bba335f3ca747328b7868ad08d220cf8e142b6b96b704579f2aff956c9ff2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
404
x-powered-by
Next.js
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0m40jmBwFiurMrl5%2BftnKmBH0B5ke%2Fk%2Bqux%2BWc9Eon0E448w4GH7vn0BODT%2FBfS0iQdQxdik1KYW%2FGEu0yUAsQmZ%2FaVLDmDWSBMceSsAKmBjIEF4VOgXlfeDSxfVAMKPMjO7UtY4WbTSzaNWxycsjKNEe%2Ft8uVoIBsEtR2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
897eb04b4d982bae-FRA
alt-svc
h3=":443"; ma=86400
pushNami.js
us-nicdonalds-tp.yousweeps.com/scripts/
1 KB
980 B
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/scripts/pushNami.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"432-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptBnKtJWFCs4qtVlwW84UK%2FTvkSTgOKQFVoIUGMiaMWIrWscr8JpoDXgKLZXcyC0UcwUONzZZOHG8q2fBnYZpXL8rq3kX7mqyb1yPF0Ea411w2vFP8sgXvDPz0dY921zynnpFtR6WRDLKDU4Zb5pX5d6hWdOiy2AhecWvyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=14400
cf-ray
897eb04b4d9e2bae-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
16 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
Protocol
H2
Server
2600:9000:26db:3000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://us-nicdonalds-tp.yousweeps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 22 Jun 2024 19:36:43 GMT
x-amz-version-id
USH.kGm.LW1lWf1QLkIlyNzwTMcmWmXb
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 20:45:19 GMT
server
AmazonS3
via
1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"7714c59720fe363c09fbb7ada2282741"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
l3YRr8Hbm4LhQqp6y2XdESuulnkwus6VXY7_eKd32EvcC28OGbkyqg==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
date
Sat, 22 Jun 2024 19:36:41 GMT
server
awselb/2.0
content-length
134
content-type
text/html
a62329fc-b047-95ca-1835-43098649ff47.js
create.lidstatic.com/campaign/
121 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/pages/_app-41463df6f76f35e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
x-amz-version-id
.CbreCnc.Mp5ld_oVdN4pJoyDQutiv81
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
SHBNXC8CZSEGECAZ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
894GOuMVHYstdcJXtyss3IKsCK0tctEAZmMlB1miAiW8W0BksyWDA9Rn+BSRSArllpTzcLaHnpyFI1Oo9VmVj08d6FKGhiAQO3a6TImkc28=
last-modified
Thu, 18 Jan 2024 00:52:56 GMT
server
cloudflare
etag
W/"1de8777c60debe293fbb8f8e4c4a78eb"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
897eb04bab5b1953-FRA
1583405593_mcd-card.png
im.us-imageo.com/upload/
167 KB
167 KB
Other
General
Full URL
https://im.us-imageo.com/upload/1583405593_mcd-card.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:becd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce65d119672dcb85894dd0e68bd36f865b5639ff031523ffd08e5ffc3feaeee2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Mar 2020 10:53:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e60da19-29b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=By7SEwmzJwpoSbOgxEL1W2RNrjdErDyl75%2F4rXrknIVyl%2BkCmfkgo%2FdInj6uAUEqp9fUypPoxhP4eqgEbEilwgWFzA5N7IHKMnCAO8ND3n6IJq8xMYTwoZFYHEXMQqA0OfiP%2BdjZxzzFv1hQY708"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897eb04bb94fa070-FRA
alt-svc
h3=":443"; ma=86400
content-length
170803
62a7807cf9e9090013c65cc7
api.pushnami.com/scripts/v1/pushnami-adv/
100 KB
21 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/scripts/pushNami.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-93.muc50.r.cloudfront.net
Software
/
Resource Hash
db447bf963a600e4e3d7cd0f205fb95e32bfb748b5e292934c893ccf4a19ac33

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:34:16 GMT
content-encoding
gzip
via
1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
144
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
tLNnyLqY3QgJYIzrKQhq4hBlQCP9NII9E32DRt7D--Dd0806gKKvxg==
4091.f0c43bc96fd55008.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/4091.f0c43bc96fd55008.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dde747d6abe6e17e15ac45e335d7c3e0c7ff2db2a42d2d9f260d69c87b479b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"111b-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHgbT2sctbfPMG8oAzcgor5cO4ldFiqBRKzqbVfhHw960OqOH2Zk5KptCbcldWc4eVv%2BwQJ75hW25K6R%2BYIq6uhmkMKrJDzTYfhn%2B2aI60bZmsgQIxpTWa0TBKS7yyS7xLXn%2FVDW0TGvLlaBGvFq9yZSySpDdUp3DZl5Zt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04d18bd2bae-FRA
alt-svc
h3=":443"; ma=86400
3426.38fe6a01b318fc64.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/3426.38fe6a01b318fc64.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b32316ad4590a422b8d48c79ee3461b147c8f2222a26567abdca6f35a8b459

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"1dd7-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYjOjlf%2FFkd8ydcRQO8tXyqLxjZ8w3PPTWLTr75C7iQSoc8%2FikzqXspmbRQrIDgkBmOWZj3%2FhiezvE8vK%2BaXO%2F3Uc6virQZZTFQIoRvBEgOfy75wEcK8m8yQpXWCcc3X5JexH6%2FcaDjcPmCkSlknNRGWnoiYMuMIBvnhNXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04d18c22bae-FRA
alt-svc
h3=":443"; ma=86400
8910.a14c5ff2f5f3bf45.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
1 KB
999 B
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/8910.a14c5ff2f5f3bf45.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"483-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JT%2Fjb1wcmR1ogWEOvbAJEkbP2vBCvsb05Z9JUg3qeWv1TBVqmCuoKeNwRG5SsVzTa615T3AM1CCj43Q7E%2BaRQaKhtFp0H0YqucnKj79UH%2FzD4zkrykZ9ozkQFUpSnIl8JQQeOVL3sNvR3Ek4cIJh3amtLdENNQAOtXnHQh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04d18c32bae-FRA
alt-svc
h3=":443"; ma=86400
image
us-nicdonalds-tp.yousweeps.com/_next/
66 KB
67 KB
Image
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1583405715_mcd-card.png&w=750&q=100
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c59eb21c0c8c601499fbd301526eaaf8e5cc75b688e53f693108bc34e28185c
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
x-nextjs-cache
STALE
content-disposition
inline; filename="1583405715_mcd-card.webp"
alt-svc
h3=":443"; ma=86400
content-length
68028
server
cloudflare
etag
DFnrIcDIxgFJn70wFSbqr45cx1tojlP2kxCLw04oGFw=
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyiX5bJ8eWnGvHWoByn8qw2oEgE7rO6gOWevnSVOTwTmoO%2FYzVcCa2GVa03TBOCrjIiptqbo9v3WqJBi6c0ut%2BeXCr5fXLmzjLZZJT5bKXxaQM3N76bEooeJrG7RWUMhu5Fd4WP6qsyFh8sOWA%2FExy7ocLSGpn%2B8lIiV3Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=14400, must-revalidate
cf-ray
897eb04d18c52bae-FRA
1583405706_bg.jpg
im.us-imageo.com/upload/
294 KB
295 KB
Image
General
Full URL
https://im.us-imageo.com/upload/1583405706_bg.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:becd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1f8712d7aa82a99e723b9fd25a312548382d5af7b501c1c1ee6095243f7ca2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Mar 2020 10:55:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e60da8a-497ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIfnmXCxcSJsu0unbz%2B7snwVY5IrlstMjQeF%2F%2Fw0OolrsWLUbgaH8NaqvByr8oH0a9N0jpxZ3hxdbxLwBOzImuCdl6uwwuVAro5toargo9gD%2BbWH3uENRk1xUC9geDST6Qf5hw9e%2FXkfAWmOffCM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897eb04d1beaa070-FRA
alt-svc
h3=":443"; ma=86400
content-length
301034
7f53015bcc551548-s.p.woff2
us-nicdonalds-tp.yousweeps.com/_next/static/media/
11 KB
11 KB
Font
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/media/7f53015bcc551548-s.p.woff2
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Origin
https://us-nicdonalds-tp.yousweeps.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
alt-svc
h3=":443"; ma=86400
content-length
11340
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
etag
W/"2c4c-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lhg2bM8yTg5bxStZ1jzaALPPfl221iQ5UL7LO9LYLm2jAGxIBuRuBqfkwLW6jYLwrLkzEn2C8RhzU%2FlVGHjx1276SHdVQHUXRTj71yGzKEh%2Blqnnh1l6UTIyKEgOx9cNWbYc6uqjh1zqalUO1e69gmjFPxTfqsAY3snHNQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
897eb04d18cb2bae-FRA
image
us-nicdonalds-tp.yousweeps.com/_next/
23 KB
23 KB
Image
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1555423941_food_stuff.png&w=640&q=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ae34a4c671221184ff107cb8693a65dfc78b7d440aee980c0512aad9648bfa
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
x-nextjs-cache
STALE
content-disposition
inline; filename="1555423941_food_stuff.webp"
alt-svc
h3=":443"; ma=86400
content-length
23554
server
cloudflare
etag
Ga40pMZxIhGE-xB8uGk6Zd-Hi31ECu6YDAUSqtlki-o=
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKcK04YvbnIQtLUcdUy7T5lhv1UzozJTZaBzVdp%2FrMlFeVZdQyq01bN0HPTIULG2D8q8n37%2FuOL9r1p7Kod0NqxVIPqbnx2%2Bnf%2B8Lw5nHql1ty4cQ9QPhvwu56dg7jSoOcJCZrb8gCWFcoruqCnxDGu%2FPQeKkzF2qZHsc28%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=14400, must-revalidate
cf-ray
897eb04d28d52bae-FRA
fcm-v1-module.019781ec7a1c97363e85.bundle.js
cdn.pushnami.com/js/modules/
46 KB
15 KB
Script
General
Full URL
https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 19:22:07 GMT
last-modified
Fri, 10 May 2024 21:23:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
875
x-amz-server-side-encryption
AES256
etag
W/"09467cbbdfbe0b4f7131476215348a19"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
h7vjM8MouTNREYpPZuCNYTGv_snYTopWEIoZdqwvGSrmHygrSmH1JQ==
hub
api.pushnami.com/scripts/v1/ Frame 1241
0
0
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-20.muc50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://us-nicdonalds-tp.yousweeps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
1749
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 19:07:32 GMT
vary
accept-encoding
via
1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
x-amz-cf-id
jVGXW4dqiDpPG0viK4A4ivQ2YrAQ1POC6hgUFYX2yn5a_cAiF2hxYw==
x-amz-cf-pop
MUC50-P4
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
GenerateToken
create.leadid.com/2.12.1/
36 B
658 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=e92d8e75-81ee-485d-9eee-66074573b4f9&_=408395153
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.117.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-117-0.compute-1.amazonaws.com
Software
nginx /
Resource Hash
748db475f4643b7c7deed41ebd906f47ca099868d18b405a34dce370a5513d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js
cdn.pushnami.com/js/exp/
332 KB
333 KB
Script
General
Full URL
https://cdn.pushnami.com/js/exp/psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fqZJi451IsZ4b9ZE97VT.DK035kcgAxw
content-encoding
utf-8
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 19:28:03 GMT
x-amz-cf-pop
FRA56-P11
age
519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
339910
last-modified
Tue, 04 Jun 2024 21:56:41 GMT
server
AmazonS3
etag
"66394b4fbb861428f8db13d2f7ac0aab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-amz-cf-id
JwNHtgleflNiUCqYfe0yvMCnwBgf3YdSzbFz3GCf66wZ_HNKwc7pzA==
7569.803336c3a23c48c4.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
13 KB
4 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/7569.803336c3a23c48c4.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"3492-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ww5hj9ScMOHT2TMriblGyhMRZ2PS4XBtFLpm9wHZBQOIVOMtGxF80Z7jnL899DJkiOyyD%2Fue79L4L3E4X2vEGGvLeMwd4bPoCwr4OZqad2dDiQMf5wFDFjnKOPh733BpLsMN0X3rZVld0fO%2BKkMQAkNykI4KtAemfY0mk9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04eaace2bae-FRA
alt-svc
h3=":443"; ma=86400
2273.d29b96049463d5e4.js
us-nicdonalds-tp.yousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/2273.d29b96049463d5e4.js
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/chunks/webpack-11741ab7930e7a04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd227f0d7191499443b6585dcb31e46e90f8322ea64483f59d44c3f096ad6b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
etag
W/"107c-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2SmQYu3SkwfzhVcuIbpPgSwxMxUvH67TBlaJyRF%2F8pIYYZRqGgKT1rXjOdevdIP8PZl8r3n2z10BSOMWbIb998F5T2kE6FOVP1SzeqHYTK8K5w0oCz9rEJzKHHj7Xs2T5D0gQhrKzstKHrlbLNY4QgIJFfa2hzgmHMLG%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
server
cloudflare
cache-control
public, max-age=31536000, immutable
cf-ray
897eb04eaad32bae-FRA
alt-svc
h3=":443"; ma=86400
data
psp.pushnami.com/psfp/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/psfp/data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.233.149.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-149-30.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://us-nicdonalds-tp.yousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
data
psp.pushnami.com/psfp/
61 B
220 B
Fetch
General
Full URL
https://psp.pushnami.com/psfp/data
Requested by
Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.233.149.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-149-30.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e50ffb9cfc4118ca497ab726ac58f7ae93bcf71de12d949e3b4c6fc22a1164ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
x-powered-by
Express
content-length
61
etag
W/"3d-cDnfo67vfQqRBYKwM2yBrbW5q5A"
content-type
application/json; charset=utf-8
cf62dc41c37ae213-s.p.woff2
us-nicdonalds-tp.yousweeps.com/_next/static/media/
11 KB
12 KB
Font
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/static/media/cf62dc41c37ae213-s.p.woff2
Requested by
Host: us-nicdonalds-tp.yousweeps.com
URL: https://us-nicdonalds-tp.yousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Origin
https://us-nicdonalds-tp.yousweeps.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
alt-svc
h3=":443"; ma=86400
content-length
11540
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
etag
W/"2d14-49773873e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdyhR5xL4sJhIQmEULPqhhAV2%2Fi1QNS9FxWRRgd4NBD9%2FzWdKS5dvcHy5ch3cQvn%2FtwqLzhfXVFHmXBcNLJ0EdClP0sY1PPZ9BCOYigcYoPK1I1vi%2FTiSOEe4Wj8XBWAAt3fZ5tapXOUNNYdEgrYkFBlqdSAm2sWPdAtI88%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
897eb0505d912bae-FRA
certs
api.trustedform.com/
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.226.230.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-230-157.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
24faae44c0b694afa85a26828de615c616d2fc0ff46ffdf53cede55cb199f793

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame C5A2
0
0
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-225.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://us-nicdonalds-tp.yousweeps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
47521
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 22 Jun 2024 06:24:58 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
kTJ6MPKOHVEwt_PwluCfHO0i1cVtcsBdTNR7aOSVm-6jmfl6sYkRHw==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=e92d8e75-81ee-485d-9eee-66074573b4f9&token=2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6&_=408395154
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.117.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-117-0.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=e92d8e75-81ee-485d-9eee-66074573b4f9&token=2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6&_=408395155
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.117.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-117-0.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=e92d8e75-81ee-485d-9eee-66074573b4f9&token=2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6&_=408395156
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.117.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-117-0.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 19:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
trustedform-1.9.17.js
cdn.trustedform.com/
94 KB
36 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.17.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17190850014750.10690166257036449&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:3000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yPCS4iNdfsh5BqX6qtsN5d5eM3wY99Uk
content-encoding
gzip
via
1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 19:36:42 GMT
last-modified
Thu, 06 Jun 2024 20:45:19 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
21
etag
W/"8bed3069af20b4729a119828224df24b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
fsV8CVBE4bMrJyzQcs1Q6Jiro-AcmYNgWYyndmVdNI1HO8BNMQG4yA==
snapshot
api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.226.230.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-230-157.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.226.230.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-230-157.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
image
us-nicdonalds-tp.yousweeps.com/_next/
66 KB
0
Image
General
Full URL
https://us-nicdonalds-tp.yousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1583405715_mcd-card.png&w=750&q=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c59eb21c0c8c601499fbd301526eaaf8e5cc75b688e53f693108bc34e28185c
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 19:36:41 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status
200
x-nextjs-cache
STALE
content-disposition
inline; filename="1583405715_mcd-card.webp"
alt-svc
h3=":443"; ma=86400
content-length
68028
server
cloudflare
etag
DFnrIcDIxgFJn70wFSbqr45cx1tojlP2kxCLw04oGFw=
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyiX5bJ8eWnGvHWoByn8qw2oEgE7rO6gOWevnSVOTwTmoO%2FYzVcCa2GVa03TBOCrjIiptqbo9v3WqJBi6c0ut%2BeXCr5fXLmzjLZZJT5bKXxaQM3N76bEooeJrG7RWUMhu5Fd4WP6qsyFh8sOWA%2FExy7ocLSGpn%2B8lIiV3Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=14400, must-revalidate
cf-ray
897eb04d18c52bae-FRA
truncated
/
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
psp
psp.pushnami.com/api/
2 B
152 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.233.149.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-149-30.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
key
62a7807cf9e9090013c65cc7
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.233.149.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-149-30.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://us-nicdonalds-tp.yousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
key
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:42 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
check
fpc.pushnami.com/psfp/3000d0ea-045a-4e6e-94eb-c74153267a1d/
0
0
Fetch
General
Full URL
https://fpc.pushnami.com/psfp/3000d0ea-045a-4e6e-94eb-c74153267a1d/check?websiteId=62a7807cf9e9090013c65cc6&psfpv4=248d09eb-7211-586b-b80c-73b2285e6ee6
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.209.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-209-42.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:43 GMT
content-length
0
vary
Origin
x-request-id
aINpdNyAinQbjg6bnA366iWaGttkbmT9
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.49.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-49-66.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
key
62a7807cf9e9090013c65cc7
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:43 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.49.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-49-66.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://us-nicdonalds-tp.yousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Sat, 22 Jun 2024 19:36:43 GMT
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.49.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-49-66.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
application/json, text/plain, */*
Referer
https://us-nicdonalds-tp.yousweeps.com/
key
62a7807cf9e9090013c65cc7
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:43 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.49.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-49-66.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://us-nicdonalds-tp.yousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Sat, 22 Jun 2024 19:36:43 GMT
events
api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/e7a20a045a521ee7d2d799cebe41a3be5cea55d9/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.226.230.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-230-157.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://us-nicdonalds-tp.yousweeps.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 19:36:43 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| FontAwesomeConfig object| ___FONT_AWESOME___ object| isRollbar object| pushWrap function| pnFirebaseModuleInterfaceInstantiator object| pnFirebaseModuleInterface function| showFbChkOptIn object| mailnamiPromptModule undefined| o object| mailnami function| CrossStorageClient object| pushnamiStorage function| uuid object| Pushnami object| LeadiDconfig object| LeadiD object| pnFirebaseImpl object| Psfp object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording string| label string| id boolean| sensitiveData object| defaultStyleFrame object| regeneratorRuntime function| trustedFormNext

8 Cookies

Domain/Path Name / Value
.znqroot.com/ Name: sid
Value: Ok+uzN22DArDDzunjH2sAcjIsPCvzZOh2eKMghahHKE3go5NibskWg==
.znqroot.com/ Name: trk
Value: TxVzuTTXcQaLwrWKFDjW0sjIsPCvzZOh2eKMghahHKE3go5NibskWg==
.znqroot.com/ Name: c24331
Value: Ok+uzN22DAqXpRJ0p0KNQFahI8z6GUVeLxOv1OF3E94p0xs3iRZxxg==
us-nicdonalds-tp.yousweeps.com/ Name: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47
Value: 2AA3ED76-9C89-5662-9C66-B9AC4BDCA8D6
.trueleadid.com/ Name: nlbi_3051494
Value: 65KsCgEiKE/+4OLlC30iGwAAAAAl33xj3y4tatlU9VVzT7tF
.trueleadid.com/ Name: visid_incap_3051494
Value: xZdwUux6SqmEiwDSesCd5Mknd2YAAAAAQUIPAAAAAAAgbcNEVcz4b5A92P5gv5Y0
.trueleadid.com/ Name: incap_ses_246_3051494
Value: 8muSCpuRIk1U8sQTxfdpA8knd2YAAAAA+rVC5U5yxUBgg04Jpu8tyw==
.deviceid.trueleadid.com/ Name: uuid
Value: 0867ffbeaaa6436db2f86dcd032f2962

2 Console Messages

Source Level URL
Text
network error URL: https://us-nicdonalds-tp.yousweeps.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
network error
Message:
The script resource is behind a redirect, which is disallowed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
api.trustedform.com
cdn.pushnami.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fpc.pushnami.com
frstafflinks.com
im.us-imageo.com
lpapi.d-promo.com
psp.pushnami.com
trc.pushnami.com
us-nicdonalds-tp.yousweeps.com
znqroot.com
13.32.23.225
18.173.187.20
18.173.187.93
18.233.149.30
18.244.18.36
2600:9000:26db:3000:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3035::ac43:becd
2a00:1450:4001:80e::200a
2a06:98c1:3120::3
3.226.49.66
34.193.209.42
34.252.193.177
54.173.117.0
54.226.230.157
0c59eb21c0c8c601499fbd301526eaaf8e5cc75b688e53f693108bc34e28185c
1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f
19ae34a4c671221184ff107cb8693a65dfc78b7d440aee980c0512aad9648bfa
1c8bba335f3ca747328b7868ad08d220cf8e142b6b96b704579f2aff956c9ff2
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169
1fd227f0d7191499443b6585dcb31e46e90f8322ea64483f59d44c3f096ad6b3
24faae44c0b694afa85a26828de615c616d2fc0ff46ffdf53cede55cb199f793
277ae862e92b0da4383b06533edfc3c839df8b6c14f519e374e7007993c7f175
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38
457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12
46dde747d6abe6e17e15ac45e335d7c3e0c7ff2db2a42d2d9f260d69c87b479b
51761027c3827b6b88ec1c7e38560edbd92e1422281d5ced264dffc63ab85e09
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9
61fcb24f36b5cb086c3d9e3b093b7fddf545cb8693182097e0744472c588780a
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd
6fdce03581ff3c80e558493f365b4b65c46dacd4bdd507d9e00eefc964db4622
748db475f4643b7c7deed41ebd906f47ca099868d18b405a34dce370a5513d17
78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
93b32316ad4590a422b8d48c79ee3461b147c8f2222a26567abdca6f35a8b459
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
af8fdf6bc206540ea16c7d0eb9a03faad5409b6ec70e0f3b08579a13833e0a39
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
cd1f8712d7aa82a99e723b9fd25a312548382d5af7b501c1c1ee6095243f7ca2
ce65d119672dcb85894dd0e68bd36f865b5639ff031523ffd08e5ffc3feaeee2
cf07a2a6a6c1c600afbfb8739b6f2a8bea34d72756b0ae300ece18ae75a7655b
cf6146e8d117267208f21f3e0cd443cc862b2f9610c1cbbb3b1629ef034d3bed
db35bc33d6843f825271fa2a5b54b66b81d8640072922a69a03bfd7f45bdd588
db447bf963a600e4e3d7cd0f205fb95e32bfb748b5e292934c893ccf4a19ac33
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ffb9cfc4118ca497ab726ac58f7ae93bcf71de12d949e3b4c6fc22a1164ba
e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898
ec6cc28f8d2572a43b7e58d7a7184cc496f1c184c738509a5fbaf2721a2e4b6a
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f1036349b737b04f9ba1daa25245bfa92f457671f07a07be75954c989e147056
f39166fb546e406c041b9ca885a8d10167fc489929996c697ec6de8365d2788b
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151