us-bg-cash.lpus.beyondgiveaways.com Open in urlscan Pro
172.66.0.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685
Effective URL:
https://us-bg-cash.lpus.beyondgiveaways.com/
Submission: On October 23 via api (October 23rd 2024, 4:56:33 pm UTC) from US — Scanned from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 15 domains to perform 51 HTTP transactions. The main IP is 172.66.0.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-bg-cash.lpus.beyondgiveaways.com.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.

This is the only time us-bg-cash.lpus.beyondgiveaways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	52.211.8.148 52.211.8.148	16509 (AMAZON-02) (AMAZON-02)
2	104.21.73.192 104.21.73.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.32.74 142.251.32.74	15169 (GOOGLE) (GOOGLE)
1	104.21.55.147 104.21.55.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	52.85.61.70 52.85.61.70	16509 (AMAZON-02) (AMAZON-02)
6	104.21.59.242 104.21.59.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.124.33 18.164.124.33	16509 (AMAZON-02) (AMAZON-02)
2	13.249.91.120 13.249.91.120	16509 (AMAZON-02) (AMAZON-02)
1	18.164.124.56 18.164.124.56	16509 (AMAZON-02) (AMAZON-02)
13	172.66.0.96 172.66.0.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.213.207.248 3.213.207.248	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.190.106 142.250.190.106	15169 (GOOGLE) (GOOGLE)
51	12

3 52.211.8.148 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-8-148.eu-west-1.compute.amazonaws.com

noscrublinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link2offer.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znqroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.73.192 (None, )

ASN13335 (CLOUDFLARENET, US)

p.t71.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.74 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.55.147 (None, )

ASN13335 (CLOUDFLARENET, US)

apidata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.85.61.70 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-70.ewr53.r.cloudfront.net

app.logictree.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.59.242 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.aiprocessonline.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-33.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.91.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-120.jfk52.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-56.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.66.0.96 (United States)

ASN13335 (CLOUDFLARENET, US)

us-bg-cash.lpus.beyondgiveaways.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.213.207.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-207-248.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.190.106 (United States)

ASN15169 (GOOGLE, US)
PTR: ord37s35-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	beyondgiveaways.com us-bg-cash.lpus.beyondgiveaways.com	380 KB
8	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 9642 cdn.pushnami.com — Cisco Umbrella Rank: 16416 psp.pushnami.com — Cisco Umbrella Rank: 22665	370 KB
6	aiprocessonline.xyz secure.aiprocessonline.xyz	60 KB
4	logictree.co 3 redirects app.logictree.co	6 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	64 KB
2	t71.me p.t71.me	3 KB
1	znqroot.com 1 redirects znqroot.com	847 B
1	link2offer.co 1 redirects link2offer.co	316 B
1	apidata.info apidata.info	959 B
1	noscrublinks.com 1 redirects noscrublinks.com	563 B
0	us-imageo.com Failed im.us-imageo.com Failed
0	lidstatic.com Failed create.lidstatic.com Failed
0	trustedform.com Failed api.trustedform.com Failed
0	affslinksfirst.com Failed affslinksfirst.com Failed
0	d-promo.com Failed lpapi.d-promo.com Failed
51	15

	Domain	Requested by
13	us-bg-cash.lpus.beyondgiveaways.com	secure.aiprocessonline.xyz us-bg-cash.lpus.beyondgiveaways.com
6	secure.aiprocessonline.xyz	p.t71.me secure.aiprocessonline.xyz
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
4	app.logictree.co	3 redirects secure.aiprocessonline.xyz
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	secure.aiprocessonline.xyz api.pushnami.com
2	ajax.googleapis.com	p.t71.me secure.aiprocessonline.xyz
2	p.t71.me	p.t71.me
1	fonts.googleapis.com	us-bg-cash.lpus.beyondgiveaways.com
1	znqroot.com	1 redirects
1	link2offer.co	1 redirects
1	apidata.info	p.t71.me
1	noscrublinks.com	1 redirects
0	im.us-imageo.com Failed
0	create.lidstatic.com Failed	us-bg-cash.lpus.beyondgiveaways.com
0	api.trustedform.com Failed	us-bg-cash.lpus.beyondgiveaways.com
0	affslinksfirst.com Failed	us-bg-cash.lpus.beyondgiveaways.com
0	lpapi.d-promo.com Failed	us-bg-cash.lpus.beyondgiveaways.com
51	18

This site contains no links.

Subject Issuer	Validity	Valid
t71.me WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
apidata.info WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
aiprocessonline.xyz WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
app.logictree.co Amazon RSA 2048 M02	`2024-04-24` - `2025-05-24`	a year	crt.sh
lpus.beyondgiveaways.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://us-bg-cash.lpus.beyondgiveaways.com/
Frame ID: 2F18ED8903ECDE81DFEE2035FD1A6A37
Requests: 48 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: A1F1D2D8D06EDFC4417657C7487BE29E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rewards Flow Test

Page URL History Show full URLs

http://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 307
https://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 302
https://p.t71.me/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1?s6=1&s7=LG&s8=CAK&spushon=y HTTP 307
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1/2?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QF... Page URL
https://app.logictree.co/click?country=US HTTP 302
https://link2offer.co/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US HTTP 302
https://znqroot.com/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US... HTTP 302
https://us-bg-cash.lpus.beyondgiveaways.com/ Page URL

Detected technologies

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

67 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

12
IPs

3
Countries

882 kB
Transfer

2039 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 307
https://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 302
https://p.t71.me/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1?s6=1&s7=LG&s8=CAK&spushon=y HTTP 307
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1/2?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y Page URL
https://app.logictree.co/click?country=US HTTP 302
https://link2offer.co/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US HTTP 302
https://znqroot.com/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US&ckmguid=ebc670d3-e17b-45b4-936b-e09e5def7bd3 HTTP 302
https://us-bg-cash.lpus.beyondgiveaways.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 307
https://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685 HTTP 302
https://p.t71.me/t/?s6=1&s7=LG&s8=CAK

Request Chain 4

https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1?s6=1&s7=LG&s8=CAK&spushon=y HTTP 307
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1/2?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
p.t71.me/t/
Redirect Chain

http://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685
https://noscrublinks.com/?a=3311&oc=37365&c=70676&m=7&s1=46&s2=57beaa6e957e43938d278cd685dd9685
https://p.t71.me/t/?s6=1&s7=LG&s8=CAK

349 B
788 B

442ms
215ms

Document
text/html

104.21.73.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.73.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d7342ac5a9c1f2d-DEN
content-encoding: br
content-type: text/html
date: Wed, 23 Oct 2024 16:56:26 GMT
last-modified: Mon, 19 Aug 2024 09:20:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLKuHolLz5jq8yCvccBe9czESdyPlceD3mgmnRf5ROPH788fZaRlZm0%2FE4dYHVdUbumMyAgE97JUHG9ksqZ6P2yZoPm9zyWrlR8QtMMfNTGh%2FltDh0QnewIgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=91772&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4195&recv_bytes=4498&delivery_rate=4556&cwnd=12000&unsent_bytes=0&cid=d74c2f2e730878d5&ts=340&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 162
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Oct 2024 16:56:25 GMT
Location: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 363ms
111ms Script
text/javascript 142.251.32.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: p.t71.me
URL: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.74 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s07-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://p.t71.me/

Response headers

content-encoding: gzip
age: 414484
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 21:48:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 21:48:22 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33495
x-xss-protection: 0
server: sffe

GET
H3 200 js Show response
apidata.info/ 832 B
959 B 381ms
277ms Script
application/javascript 104.21.55.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apidata.info/js
Requested by: Host: p.t71.me
URL: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.55.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fea6f304ebb217463b28e140d2fd41a0f50f06186fc6dfd853534af2e57237

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://p.t71.me/

Response headers

access-control-max-age: 3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4Lan47ekpnfZug2TwcxlezbV8RPFawErxLdQnscAl4FOCTRb%2FwCbiVcERnDEpgYbyp08BbDXgg1eH5nW883Ioga8bfsBTzUZhAauMhskW%2B7H%2FHpCwMEMUTUIEHohuw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET
cf-ray: 8d7342aebbf50ad3-LAS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78566&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4173&recv_bytes=4378&delivery_rate=272&cwnd=12000&unsent_bytes=0&cid=9d65ca9b06921e5e&ts=287&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:26 GMT
content-type: application/javascript;charset=UTF-8
server: cloudflare
priority: u=1,i=?0
access-control-allow-headers: Content-Type

GET
H3 200 logic_tree.js Show response
p.t71.me/t/ 5 KB
2 KB 111ms
110ms Script
application/javascript 104.21.73.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.t71.me/t/logic_tree.js
Requested by: Host: p.t71.me
URL: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.73.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95aafbb535384855a5580422e00bdd770bb6e50983807d10c351a42b50d6ef8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66c30e55-1284"
age: 1480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75EnZfuU5S0v1Fsa01o%2Fct8xGVofirFqievTfvEd6xl%2FOK5WWIDVOP1%2BERxrwGqA4YqpmhLdqkzLmBceZ6nOa3dXNRhK4tjej3%2BFawrlKJ4%2Fg0GiXIVovW1GiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=99126&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5030&recv_bytes=4882&delivery_rate=8024&cwnd=12000&unsent_bytes=0&cid=d74c2f2e730878d5&ts=512&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:26 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 09:20:21 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d7342ae0d8e1f2d-DEN
server: cloudflare

GET
H3

200

/ Show response
secure.aiprocessonline.xyz/lp/load/1b/
Redirect Chain

https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1?s6=1&s7=LG&s8=CAK&spushon=y
https://app.logictree.co/f1091213-049f-49d7-965d-8c05dd6c61f1/2?s6=1&s7=LG&s8=CAK&spushon=y
https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb...

2 KB
2 KB

362ms
238ms

Document
text/html

104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Requested by: Host: p.t71.me
URL: https://p.t71.me/t/logic_tree.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19a40dd78eead1d31bc9400854687c587c6f622911d3dbb2ac70d19625efae60

Request headers

Referer: https://p.t71.me/t/?s6=1&s7=LG&s8=CAK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d7342b548070a01-LAS
content-encoding: zstd
content-type: text/html
date: Wed, 23 Oct 2024 16:56:27 GMT
last-modified: Mon, 19 Aug 2024 09:20:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82M8taT4eamMGL68l3WwfemvN%2FdekCYxrS5fjFm4WxwlFUDoCVlFLDCYpImJEm9lrblgKdk7Nhxvm893Vbt%2BPsNgsTRCaOA2bhOZrrcjZKHBEC2CsiRGHW3FIOOJRYSDt%2B0xExg8oSTGHfnSHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=79943&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4904&delivery_rate=6638&cwnd=12000&unsent_bytes=0&cid=22302f3c4ff9906f&ts=265&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Wed, 23 Oct 2024 16:56:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
pragma: no-cache
server: nginx
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-id: 1m646OXaleeXyFswhbY2_VWGZaPkB0m_S8LHZH2rFRQoJnV5ouNUhQ==
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 420ms
134ms Script
text/javascript 142.251.32.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.74 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s07-in-f10.1e100.net

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 392801
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 03:49:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:49:47 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30186
x-xss-protection: 0
server: sffe

GET
H3 200 loader.gif
secure.aiprocessonline.xyz/lp/load/1b/img/ 51 KB
52 KB 262ms
261ms Image
image/gif 104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aiprocessonline.xyz/lp/load/1b/img/loader.gif
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: REVALIDATED
etag: "66c30e6f-cc19"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NGuvjQJzxnFd4%2BnklA5A7A1xflFLXgeoGCVMSoKHPvhsFJEQVFv4anwICS1NGab9eHEPo28greMH2%2B7brHJNDUMNs3GPrI1LF44DbnJwbG4xmGUB3lv3BVJuyS58TpJ305aOgqsDIpCspSQWg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79503&sent=16&recv=14&lost=0&retrans=0&sent_bytes=6002&recv_bytes=5720&delivery_rate=17877&cwnd=12000&unsent_bytes=0&cid=22302f3c4ff9906f&ts=580&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:28 GMT
content-type: image/gif
last-modified: Mon, 19 Aug 2024 09:20:47 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d7342b72aa10a01-LAS
accept-ranges: bytes
content-length: 52249
server: cloudflare

GET
H3 200 url-pixel.png
secure.aiprocessonline.xyz/lp/load/1b/ 95 B
765 B 340ms
339ms Image
image/png 104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aiprocessonline.xyz/lp/load/1b/url-pixel.png
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: REVALIDATED
etag: "66c30e6f-5f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fbe1BeomrIb0GwsWUEwWwQzOBDKiFHQ3QxrmsqQGJJI4aCdQKw%2FZGvviH8C0F2SK8ZXGq1OIWOYZhsuIPFIrH1rqE%2BVqtB82w9Z1FeySq4Jvg7s6JnOv0o1r9W0Pj4EUcXS8VLaM%2Bc09J5%2FSA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79503&sent=26&recv=14&lost=0&retrans=0&sent_bytes=18002&recv_bytes=5720&delivery_rate=17877&cwnd=12000&unsent_bytes=0&cid=22302f3c4ff9906f&ts=586&x=1", cfExtPri, cfHdrFlush;dur=73
date: Wed, 23 Oct 2024 16:56:28 GMT
content-type: image/png
last-modified: Mon, 19 Aug 2024 09:20:47 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d7342b72aa50a01-LAS
accept-ranges: bytes
content-length: 95
server: cloudflare

GET
H3 200 gotoURL.js Show response
secure.aiprocessonline.xyz/script/ 7 KB
3 KB 265ms
264ms Script
application/javascript 104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessonline.xyz/script/gotoURL.js
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a0643be02779db9902e4db88d29594be31f7a307ca0a873ef371c39728b4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"66c30e4f-1d1a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuZ2Sf8brwEwddFvdCVyCEQo72e9q3Qh7h83vGknw%2B9pyeL4wUsZkQ2m8viDAO4U5Z3U46Nd0B9T3pjSRletYeJUG2jGIYztpBVplNRMz4zSPkzCPsujHNuLTlb5zy%2F7bn3%2F%2FftqFEuE8WImZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d7342ba7f820a01-LAS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77632&sent=65&recv=39&lost=0&retrans=0&sent_bytes=60937&recv_bytes=7039&delivery_rate=247483&cwnd=46800&unsent_bytes=0&cid=22302f3c4ff9906f&ts=1118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 09:20:15 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 62a7807cf9e9090013c65cc7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 101 KB
21 KB 510ms
147ms Script
application/javascript 18.164.124.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/script/gotoURL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-33.jfk50.r.cloudfront.net
Software: /
Resource Hash: 6bd9ef960f284a0987acb1bf0c3923388978922abf60704cb40c008ddbfaf1a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-encoding: gzip
age: 213
via: 1.1 fe705b44d5a5a2d7d6e73595ceeca2e2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: U5MOvxkgVnW8yh92oUVznjBHXWaxhPD3_K_jU6lsGvzhOc_GmyU4Uw==
date: Wed, 23 Oct 2024 16:52:56 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: JFK50-P7

GET
H2 200 .js Show response
app.logictree.co/d/ 3 KB
3 KB 367ms
131ms Script
application/javascript 52.85.61.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.logictree.co/d/.js?lpref=https%3A%2F%2Fp.t71.me%2F&lpurl=https%3A%2F%2Fsecure.aiprocessonline.xyz%2Flp%2Fload%2F1b%2F%3Fvsv%3DUTS%26vl%3D1%26vlink%3Dapp.logictree.co%26country%3DUS%26cep%3Dyc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu%26lptoken%3D17272936707a43ca8732%26s6%3D1%26s7%3DLG%26s8%3DCAK%26spushon%3Dy&lpt=Loader&vtm=1729702588797
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/script/gotoURL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-70.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 1ead2f54c01b29c9d3d6b4acab2c45e779af0698742c776b8ccc18be82882002

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
via: 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 3191
x-amz-cf-id: AwZdl6bnXCbFR_FQy8w75uTu-oyIHcq8SW7A3N2ptbXm7Cwy2Ls8lw==
date: Wed, 23 Oct 2024 16:56:29 GMT
content-type: application/javascript;charset=UTF-8
x-amz-cf-pop: EWR53-P1
server: nginx

GET
H3 200 bckbtn.js Show response
secure.aiprocessonline.xyz/script/ 1012 B
1 KB 248ms
248ms Script
application/javascript 104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessonline.xyz/script/bckbtn.js
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"66c30e4f-3f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=orBE4nViV5iCCkY9x6gIHiGQtw1pDz0F%2FweAQxmy%2FPNeOtFh%2Fg9AUbKtBxnU0av0JW7uyrJo9gcMUfBP6FP5%2FezM5M9abw9BbThiKFIyted95FYOQNw7hSNSNZM%2B6DFWVKj%2Fxr%2F2ltJzm5DacA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d7342bc29ee0a01-LAS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77619&sent=70&recv=42&lost=0&retrans=0&sent_bytes=64489&recv_bytes=7406&delivery_rate=13387&cwnd=46800&unsent_bytes=0&cid=22302f3c4ff9906f&ts=1375&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:28 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 09:20:15 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 swgfonts.js Show response
secure.aiprocessonline.xyz/script/ 965 B
1 KB 164ms
163ms Script
application/javascript 104.21.59.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessonline.xyz/script/swgfonts.js
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"66c30e50-3c5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzESUginO%2BJMeh0eM5s8u4o9vxOTDcLyWViS8seNpre%2FTdRrWNPGFYfrHg1cN5l%2FiOAXoDRhRwu5vloMQjLysM%2BXtiFw3VuJv7oTacehTw2Eeg2VDMHukD7S555E8y90nvKBVfpYxzJ7J6mm1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d7342bdcc500a01-LAS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77614&sent=73&recv=44&lost=0&retrans=0&sent_bytes=65774&recv_bytes=7732&delivery_rate=5138&cwnd=46800&unsent_bytes=0&cid=22302f3c4ff9906f&ts=1542&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 23 Oct 2024 16:56:29 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 09:20:16 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 399ms
150ms Script
application/javascript 13.249.91.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.91.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-91-120.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"09467cbbdfbe0b4f7131476215348a19"
x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
age: 2606
via: 1.1 06a2a91727cd0dfdaa1154422bcbc726.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: oAUHnY-eSVxagE68qN0Oh5wHo75gdJYJF3_OqU6gkmEZsL-wZ_nQeQ==
date: Wed, 23 Oct 2024 16:13:04 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P9
x-amz-server-side-encryption: AES256

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame A1F1 0
0 354ms
119ms Document
text/html 18.164.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-56.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1209
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 16:36:21 GMT
vary: accept-encoding
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
x-amz-cf-id: -_31NJldGypgMVOorRpT4qroht07mH_vp7MNNfCpCigvMKKl_FjLGQ==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H3

200

Primary Request / Show response
us-bg-cash.lpus.beyondgiveaways.com/
Redirect Chain

https://app.logictree.co/click?country=US
https://link2offer.co/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US
https://znqroot.com/?a=538&oc=39404&c=73921&m=7&s1=1_&s2=dc3opv35fo1lc835393mhjec&s3=&country=US&ckmguid=ebc670d3-e17b-45b4-936b-e09e5def7bd3
https://us-bg-cash.lpus.beyondgiveaways.com/

37 KB
10 KB

375ms
189ms

Document
text/html

172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Requested by: Host: secure.aiprocessonline.xyz
URL: https://secure.aiprocessonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=US&cep=yc4tuhsanq3QFmGBuBTC92mMsm0m70LTISdlktdUulsbjubqhnqWBbjfFExmMJSZ46CY0VUyYXqNWi_UZv928V16CwglKurxLEb100PbXqkg6RqelJ3YqzY7LDC57ZK3MnxeT1Uw628k_pzplZDa8-WWgjxx-MBpbWv-aTmhNGKgM0MMmXeam4sot8_zofBw3cH-P9jetRRfMYCxLtHkxFIebrjC_8hbWUE4WVMWugQA6EdxyH2X0hc0_G-N0eaQnD57zk-0tWh0-kNW8jtIGYIq6U45XnylKhfFl9kiXRHRg67QMsL14_eWvMNti65dMeb-LC2Sh6AYGrbb6HyxLj90NLXEqKdIe4ZzYHlywojje10OMt-XNSes20ehunaSiZ0cDXMtvx_it-HTjiTKRiYHQ1HGX9isg5MprEYQCwRITLwLT5aXyJkM6vpiohKu&lptoken=17272936707a43ca8732&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 4dcddf984edd92de279ac3e6d1ee20f0388b4536d8501760bbc99b265a80825d

Request headers

Referer: https://secure.aiprocessonline.xyz/lp/load/1b/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: HIT
cf-ray: 8d7342ce2aa40acd-LAS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 16:56:31 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
x-powered-by: Next.js

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 244
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Oct 2024 16:56:31 GMT
Location: https://us-bg-cash.lpus.beyondgiveaways.com/#/?reqid=2324403122&oid=33279&a=538&cid=610224&s1=1_&country=US
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
cdn.pushnami.com/js/exp/ 333 KB
334 KB 140ms
139ms Script
application/javascript 13.249.91.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.91.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-91-120.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 1885
x-cache: Hit from cloudfront
x-amz-cf-id: 1PS_fm3LhdimXLq5Bmn5b2VW5cnjMmPiXqDzBuOsBDmyItgLy6aOfQ==
date: Wed, 23 Oct 2024 16:25:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
via: 1.1 06a2a91727cd0dfdaa1154422bcbc726.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 340965
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 387ms
127ms Preflight 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 23 Oct 2024 16:56:31 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 201 data
psp.pushnami.com/psfp/ 61 B
220 B 128ms
126ms Fetch
application/json 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer

Response headers

access-control-allow-origin: *
content-length: 61
date: Wed, 23 Oct 2024 16:56:31 GMT
etag: W/"3d-U1WwelPqdjj4tWy7/a14ZD1QCxM"
content-type: application/json; charset=utf-8
x-powered-by: Express

POST
H2 200 psp
psp.pushnami.com/api/ 2 B
152 B 160ms
159ms Fetch
text/html 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

key: 62a7807cf9e9090013c65cc7
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Wed, 23 Oct 2024 16:56:31 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 124ms
123ms Preflight 3.213.207.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.207.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-207-248.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 23 Oct 2024 16:56:31 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 606d5d0dc56617aa.css
us-bg-cash.lpus.beyondgiveaways.com/_next/static/css/ 122 KB
21 KB 97ms
96ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/css/606d5d0dc56617aa.css
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a804e66bcfffb35093add9366bd520517406af41ff2542496ad29e97ee313ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1e73c-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cf8cb50acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 webpack-78fa90fbb23c16c2.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 6 KB
4 KB 174ms
174ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/webpack-78fa90fbb23c16c2.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d2f212eb47b66741f04c68dada48111355113c779750b92ee732029af1c5e9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"194f-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cf8cb90acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 framework-314c182fa7e2bf37.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 138 KB
45 KB 130ms
127ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/framework-314c182fa7e2bf37.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"226cf-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd290acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 main-407d6493f1476c1f.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 124 KB
37 KB 129ms
126ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/main-407d6493f1476c1f.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a5ac9d1fb9e82e28bc45c4c6679978dffcebb48005912ed948342cba2080e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1efab-49773873e8"
age: 41695
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd2e0acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _app-b6ebb27b9976a677.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/pages/ 300 KB
87 KB 129ms
126ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/pages/_app-b6ebb27b9976a677.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4280da8ac9ba452dc92a55a7837e5c13e74f2e91da85cf9b88e2e2cf057c43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4af49-49773873e8"
age: 41695
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd2f0acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 b637e9a5-af501d1d7b629672.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 85 KB
30 KB 368ms
366ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/b637e9a5-af501d1d7b629672.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f02f38a92903a74aff3d45e16895c39a63a533aea698c41cf69ce89fa7d2ce5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"152b2-49773873e8"
age: 41695
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd310acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 4870-09253cbb3653b9f3.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 358 KB
113 KB 369ms
367ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/4870-09253cbb3653b9f3.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad6bbfa96aa5a10e94f05d4cad856e2dab931e53e079c962f565d8251a90c21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"596f5-49773873e8"
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd320acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 %5Blandingpage%5D-dd67e4ee54e58620.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/pages/landingpages/ 125 KB
28 KB 441ms
439ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-dd67e4ee54e58620.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684f9cdb9391d09c6772987eb3046dcd47223e1b50b608778048feafc70a1c0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1f380-49773873e8"
age: 41695
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd350acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _buildManifest.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/3Cl-TGN24tvGSGZTo1LDq/ 649 B
628 B 446ms
444ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/3Cl-TGN24tvGSGZTo1LDq/_buildManifest.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5c54fff4c6f6e562b600fd223a35ad8b762f89b79f0267cc3cb3d4cd543166

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"289-49773873e8"
age: 41695
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd380acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:31 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 _ssgManifest.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/3Cl-TGN24tvGSGZTo1LDq/ 119 B
359 B 446ms
445ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/3Cl-TGN24tvGSGZTo1LDq/_ssgManifest.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"77-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342cfcd3a0acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 326ms
113ms Stylesheet
text/css 142.250.190.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/css/606d5d0dc56617aa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.190.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ord37s35-in-f10.1e100.net

Software

ESF /

Resource Hash

77ab64cceae5115ff453740351c36a92b4c72d02e4e5f40d4eba4f8259a7ac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 16:56:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 16:28:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 5b641e9bca8c675e.css
us-bg-cash.lpus.beyondgiveaways.com/_next/static/css/ 2 KB
740 B 127ms
126ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/css/5b641e9bca8c675e.css
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/webpack-78fa90fbb23c16c2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e24c5ffbef0c1a864af8454cc95ffcb4d406324b4ddca1a6ebfc05e66c2883c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64e-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342d40b700acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET
H3 200 9232.e61de05c86a48442.js Show response
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 12 KB
4 KB 103ms
102ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/9232.e61de05c86a48442.js
Requested by: Host: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/webpack-78fa90fbb23c16c2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8d990b9e0d70897cc3d8ce6fdae8d66fae803a9679b8378f35e3c767eb760b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us-bg-cash.lpus.beyondgiveaways.com/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
etag: W/"30e4-49773873e8"
age: 74035
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
cf-ray: 8d7342d40b750acd-LAS
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:56:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
x-do-orig-status: 200

GET /
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/ 0
0

GET /
lpapi.d-promo.com/survey/getSurveyData/32_ads.json/ 0
0

GET /
lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/ 0
0

GET p.ashx
affslinksfirst.com/ 0
0

GET undefined
us-bg-cash.lpus.beyondgiveaways.com/ 0
0

GET pushNami.js
us-bg-cash.lpus.beyondgiveaways.com/scripts/ 0
0

GET trustedform.js
api.trustedform.com/ 0
0

GET a62329fc-b047-95ca-1835-43098649ff47.js
create.lidstatic.com/campaign/ 0
0

GET 1713451215_prizeimg.png
im.us-imageo.com/upload/ 0
0

GET 7778.7431b445d69f3fca.js
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 0
0

GET 3426.047bb38c1624b0c5.js
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 0
0

GET 8910.023027ff64c7da19.js
us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/ 0
0

GET image
us-bg-cash.lpus.beyondgiveaways.com/_next/ 0
0

GET eafabf029ad39a43-s.p.woff2
us-bg-cash.lpus.beyondgiveaways.com/_next/static/media/ 0
0

GET b957ea75a84b6ea7-s.p.woff2
us-bg-cash.lpus.beyondgiveaways.com/_next/static/media/ 0
0

GET image
us-bg-cash.lpus.beyondgiveaways.com/_next/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lpapi.d-promo.com
URL: https://lpapi.d-promo.com/survey/getSurveyData/32_questions.json/

Domain: lpapi.d-promo.com
URL: https://lpapi.d-promo.com/survey/getSurveyData/32_ads.json/

Domain: lpapi.d-promo.com
URL: https://lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/

Domain: affslinksfirst.com
URL: https://affslinksfirst.com/p.ashx?o=33279&en=evt01&t=2324403122&r=2324403122

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/undefined

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/scripts/pushNami.js

Domain: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17297025926550.8239107107233361&invert_field_sensitivity=false

Domain: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Domain: im.us-imageo.com
URL: https://im.us-imageo.com/upload/1713451215_prizeimg.png

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/7778.7431b445d69f3fca.js

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/3426.047bb38c1624b0c5.js

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/chunks/8910.023027ff64c7da19.js

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1713451215_prizeimg.png&w=640&q=100

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/media/eafabf029ad39a43-s.p.woff2

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/static/media/b957ea75a84b6ea7-s.p.woff2

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1713451223_bg.png&w=1920&q=100

Domain: us-bg-cash.lpus.beyondgiveaways.com
URL: https://us-bg-cash.lpus.beyondgiveaways.com/_next/image?url=%2Fimages%2Frewards%2Ftick.png&w=32&q=75

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.noscrublinks.com/	1969-12-31 23:59:59	Name: sid Value: YS6gTgWp23DUOpsSnwBhAn//amXUHMO/iUBnOF/7MTcM5ZFKxzO8zw==
.noscrublinks.com/	1970-01-21 10:04:22	Name: trk Value: cxFsLL7qcFSfHLhwlvAp+H//amXUHMO/iUBnOF/7MTcM5ZFKxzO8zw==
.app.logictree.co/	1970-01-21 00:29:48	Name: cep-v4 Value: XjH_l5VcndwhHeudnmqbMIj2nGGQUO2h6fc1KV41QUREAqe7afeGDX8U2Np46y6DiLiVGNhZKgQ99l9pbYQjiC4HmUB89pbNYahSNKPukzWTr_Y5ePrjg4C2Gmd49l_x0PGc7YD-5v0KfZbCCZrKRIqNBh1x0qOIzd21Sj_creitmbI2sSdb7sgKkfTbuPkwmboWs21a1yGVFNtMBTzJolU54G2XtcChRXax3lNVa8Iq0vWfQa5tqcs_qQ_9owhVD1ORKaEDg2coXOMhY1Sbea6ippOG72bKiGUA9HaRJ-7YvGzd0DskvXYebe0zZXWpA562iAvXB0T_vdQX_jBJmckGlWjyRNMj-H6-hZ3PpMYDz42-nyt2wpQfkBL3ablCbRrlifAsMIb2oNdWosHWihbD87bLCsN3cFFdMtPwCqSrzHe0e0dChc1csUe5u1S4
secure.aiprocessonline.xyz/	1970-01-21 00:29:48	Name: vl-cep Value: cep=mCf4KvbHk3phXX7LXgOCi2x1SrbLgaFDLH3FNL_uIXxu2dblh0o1agt2Jddqpd6zehrlQpXgtwxT-87w3TB3r75MNMizRhEsHZ_A9EV3N3eO8Hyeh0QACtlQ7jtS0n4O42Mwh-BPWY4b8l9rsd2AMS4aeRbLJXSx2YLzFsKkAYbu9E5QxNsdcJIQSNb52NzpC7opzrxuy0jY4MCK9kfeCMstMEwzzN1ao824JTX67dTmiQx8oRtVuEbh4rrW53iPRiEFMQP-za680dBsUYaZ7XxDPXKcnXKFPmpV82IGZTpjiWn1eQc-8q2SoJx3SXB12M8gM-zLUsaG6T6FQUwOjOFotzUAa2pXEH63-FTAYuC21xML0chxCu0xA2lL_ahC32ZXeYo2fp8XLdhuW3NXNQIgAnNpSz5FzuDVYsz_NtqhwhrF5jf-xAVKPIOZK7mq
.app.logictree.co/	1970-01-21 09:13:58	Name: cc-v4 Value: Z0FvNI20hZUV0RAW%2Fs0%2BBoIzuAZ3yscYO3T%2BSZVk3sBsx9gbM%2FQkJFdrMwKa3DVdyGGLb31u%2FebvDrI0NCo%2BAi2PZtl%2BV1Io6CRTxlOdo2YbPLt%2Fgn%2BmPYO0L%2Fgvft7yJQbbG%2FgN1B7gY6%2FmUekMGg%3D%3D
.app.logictree.co/	1970-01-21 00:29:48	Name: f1091213-049f-49d7-965d-8c05dd6c61f1-clk-v4 Value: f1091213-049f-49d7-965d-8c05dd6c61f1
.app.logictree.co/	1970-01-21 00:29:48	Name: f1091213-049f-49d7-965d-8c05dd6c61f1-v4 Value: 5IsVv8fEoZVs3mHFqEQCuhq1fCHSR_bPxclQW-Rm_K8
.znqroot.com/	1969-12-31 23:59:59	Name: sid Value: YS6gTgWp23DUOpsSnwBhAn//amXUHMO/+prwV8XmRg/Opvcw6OcRzA==
.znqroot.com/	1970-01-21 10:04:22	Name: trk Value: cxFsLL7qcFSfHLhwlvAp+H//amXUHMO/+prwV8XmRg/Opvcw6OcRzA==
.znqroot.com/	1970-01-21 00:31:15	Name: c33279 Value: YS6gTgWp23A1ZUqGN/xUXuJrmFH70P1SvJw511iDRS9zRBJ83DePZQ==
.us-bg-cash.lpus.beyondgiveaways.com/	1970-01-21 00:28:24	Name: __cf_bm Value: HkCJAu53z4wiPlP12M3aTQjFoRMRUDDcuYFD15iq3uk-1729702591-1.0.1.1-eef42HEyDzQIBDxRzTaHTIrMjjPaniKfw_D11HCc_6_sn.Ewx2RM5KDHzoXC7tbyxvfcbD9Fb.scQt4Z_4RZWA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://secure.aiprocessonline.xyz/lp/load/1b/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D0094110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.aiprocessonline.xyz/lp/load/1b/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C05D0894110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.aiprocessonline.xyz/lp/load/1b/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F05D0894110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.aiprocessonline.xyz/lp/load/1b/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0505E0894110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.aiprocessonline.xyz/lp/load/1b/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0205E0894110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affslinksfirst.com
ajax.googleapis.com
api.pushnami.com
api.trustedform.com
apidata.info
app.logictree.co
cdn.pushnami.com
create.lidstatic.com
fonts.googleapis.com
im.us-imageo.com
link2offer.co
lpapi.d-promo.com
noscrublinks.com
p.t71.me
psp.pushnami.com
secure.aiprocessonline.xyz
us-bg-cash.lpus.beyondgiveaways.com
znqroot.com
affslinksfirst.com
api.trustedform.com
create.lidstatic.com
im.us-imageo.com
lpapi.d-promo.com
us-bg-cash.lpus.beyondgiveaways.com
104.21.55.147
104.21.59.242
104.21.73.192
13.249.91.120
142.250.190.106
142.251.32.74
172.66.0.96
18.164.124.33
18.164.124.56
3.213.207.248
52.211.8.148
52.85.61.70
0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814
19a40dd78eead1d31bc9400854687c587c6f622911d3dbb2ac70d19625efae60
1ead2f54c01b29c9d3d6b4acab2c45e779af0698742c776b8ccc18be82882002
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2f02f38a92903a74aff3d45e16895c39a63a533aea698c41cf69ce89fa7d2ce5
3a804e66bcfffb35093add9366bd520517406af41ff2542496ad29e97ee313ff
3ad6bbfa96aa5a10e94f05d4cad856e2dab931e53e079c962f565d8251a90c21
4dcddf984edd92de279ac3e6d1ee20f0388b4536d8501760bbc99b265a80825d
4e24c5ffbef0c1a864af8454cc95ffcb4d406324b4ddca1a6ebfc05e66c2883c
684f9cdb9391d09c6772987eb3046dcd47223e1b50b608778048feafc70a1c0b
6bd9ef960f284a0987acb1bf0c3923388978922abf60704cb40c008ddbfaf1a3
6d4280da8ac9ba452dc92a55a7837e5c13e74f2e91da85cf9b88e2e2cf057c43
77ab64cceae5115ff453740351c36a92b4c72d02e4e5f40d4eba4f8259a7ac7c
78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83
7d2f212eb47b66741f04c68dada48111355113c779750b92ee732029af1c5e9f
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
7f5c54fff4c6f6e562b600fd223a35ad8b762f89b79f0267cc3cb3d4cd543166
95aafbb535384855a5580422e00bdd770bb6e50983807d10c351a42b50d6ef8f
a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685
a7a5ac9d1fb9e82e28bc45c4c6679978dffcebb48005912ed948342cba2080e9
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d
c8fea6f304ebb217463b28e140d2fd41a0f50f06186fc6dfd853534af2e57237
d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531
f59a0643be02779db9902e4db88d29594be31f7a307ca0a873ef371c39728b4f
fa8d990b9e0d70897cc3d8ce6fdae8d66fae803a9679b8378f35e3c767eb760b
fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

us-bg-cash.lpus.beyondgiveaways.com Open in urlscan Pro 172.66.0.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

67 %HTTPS

0 %IPv6

15 Domains

18 Subdomains

12 IPs

3 Countries

882 kBTransfer

2039 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us-bg-cash.lpus.beyondgiveaways.com Open in urlscan Pro
172.66.0.96 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

67 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

12
IPs

3
Countries

882 kB
Transfer

2039 kB
Size

11
Cookies

51 HTTP transactions
0 data transactions