Submitted URL: https://ca-cardpay.lpca.ohyousweeps.com/#/?reqid=2322578439&oid=26216&a=3075&cid=609871&s1=470588
Effective URL: https://ca-cardpay.lpca.ohyousweeps.com/
Submission Tags: @phish_report
Submission: On September 23 via api from FI — Scanned from FI

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 56 HTTP transactions. The main IP is 2606:4700:7::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca-cardpay.lpca.ohyousweeps.com.
TLS certificate: Issued by WE1 on August 19th 2024. Valid for: 3 months.
This is the only time ca-cardpay.lpca.ohyousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 2606:4700:7::60 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 188.114.96.3 13335 (CLOUDFLAR...)
1 34.243.217.56 16509 (AMAZON-02)
1 4 3.222.94.220 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
1 172.67.181.103 13335 (CLOUDFLAR...)
9 139.45.197.253 9002 (RETN-AS)
1 172.67.190.205 13335 (CLOUDFLAR...)
56 10
Apex Domain
Subdomains
Transfer
30 ohyousweeps.com
ca-cardpay.lpca.ohyousweeps.com
533 KB
9 notix.io
notix.io — Cisco Umbrella Rank: 33476
45 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 24719
cdn.trustedform.com — Cisco Umbrella Rank: 28386
44 KB
5 trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 163673
event.trk-consulatu.com — Cisco Umbrella Rank: 329009
3 KB
3 ld-genie.com
lpapi.ld-genie.com
14 KB
1 us-imageo.com
im.us-imageo.com
196 KB
1 eu-imageo.com
im.eu-imageo.com
187 KB
1 affslinksfirst.com
affslinksfirst.com
237 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
964 B
0 Failed
function sub() { [native code] }. Failed
56 10
Domain Requested by
30 ca-cardpay.lpca.ohyousweeps.com ca-cardpay.lpca.ohyousweeps.com
9 notix.io ca-cardpay.lpca.ohyousweeps.com
notix.io
4 event.trk-consulatu.com trk-consulatu.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
3 lpapi.ld-genie.com ca-cardpay.lpca.ohyousweeps.com
2 cdn.trustedform.com api.trustedform.com
1 trk-consulatu.com ca-cardpay.lpca.ohyousweeps.com
1 im.us-imageo.com
1 im.eu-imageo.com
1 affslinksfirst.com ca-cardpay.lpca.ohyousweeps.com
1 fonts.googleapis.com ca-cardpay.lpca.ohyousweeps.com
0 truncated Failed
56 12

This site contains links to these domains. Also see Links.

Domain
ohyousweeps.com
Subject Issuer Validity Valid
lpca.ohyousweeps.com
WE1
2024-08-19 -
2024-11-17
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
ld-genie.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
*.affslinksfirst.com
GlobalSign GCC R6 AlphaSSL CA 2023
2024-02-15 -
2025-03-18
a year crt.sh
eu-imageo.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
notix.io
E5
2024-08-31 -
2024-11-29
3 months crt.sh
us-imageo.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
trk-consulatu.com
WE1
2024-08-18 -
2024-11-16
3 months crt.sh
*.trustedform.com
Amazon RSA 2048 M02
2024-07-10 -
2025-08-06
a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03
2024-02-13 -
2025-03-13
a year crt.sh

This page contains 1 frames:

Primary Page: https://ca-cardpay.lpca.ohyousweeps.com/
Frame ID: C9F8C13B98C76A9A89ED19441DE76509
Requests: 51 HTTP requests in this frame

Screenshot

Page Title


Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

56
Requests

98 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

10
IPs

5
Countries

1023 kB
Transfer

2356 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ca-cardpay.lpca.ohyousweeps.com/
53 KB
10 KB
Document
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
d355bf5098d399e1defef1538748b55e58583a6242e4648d930d484447aee2a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
s-maxage=3600, stale-while-revalidate
cf-cache-status
MISS
cf-ray
8c7cfd8d1db356a4-OSL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 23 Sep 2024 19:37:38 GMT
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
x-do-orig-status
200
x-nextjs-cache
HIT
x-powered-by
Next.js
1324116117031259.css
ca-cardpay.lpca.ohyousweeps.com/_next/static/css/
119 KB
21 KB
Stylesheet
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/1324116117031259.css
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7feed42f6d072bebc3791034e87191857c77a12237d42a46b3ccd62f68e134bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1dda3-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd903b8d56a4-OSL
date
Mon, 23 Sep 2024 19:37:38 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
webpack-09738fa05af399f5.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a51bee0fed4b842c95c7bdfea50a8fe43efa8a07adadfb4c4a112b466c56c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1937-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd903b9256a4-OSL
date
Mon, 23 Sep 2024 19:37:38 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
framework-92a422f151f77ddb.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
138 KB
44 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"226b9-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905be956a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
main-3ddcad86c0b8c094.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
124 KB
36 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1ee6b-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bed56a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
_app-ae7b956fa38ba3ea.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/
301 KB
87 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-ae7b956fa38ba3ea.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f076ce7baaabd01b8ff5952665ab35c3674ddc59084ec9c84c576d100f9ff22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"4b331-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bf056a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
b637e9a5-445986cafd87aa11.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
85 KB
30 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"152b1-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bf356a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
4870-ffe4bae46444420d.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
357 KB
113 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"59508-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bf556a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
%5Blandingpage%5D-802d3f49eafcd77c.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/landingpages/
98 KB
22 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-802d3f49eafcd77c.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45db4da4fe9af410c4c9826065a57eb574aa039703fe425416e0e7ea5feb7b5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"18618-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bf856a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
_buildManifest.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/i8raJ4wkVkwnQ6R-ga4ZZ/
649 B
420 B
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/i8raJ4wkVkwnQ6R-ga4ZZ/_buildManifest.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ebb08575dcb473717e8e8ce6ee02fa4bd92ca7f781859847b4a104337f8194a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
cf-cache-status
MISS
etag
W/"289-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bfa56a4-OSL
date
Mon, 23 Sep 2024 19:37:38 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
_ssgManifest.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/i8raJ4wkVkwnQ6R-ga4ZZ/
119 B
152 B
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/i8raJ4wkVkwnQ6R-ga4ZZ/_ssgManifest.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
cf-cache-status
MISS
etag
W/"77-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd905bfd56a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
css
fonts.googleapis.com/
2 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/1324116117031259.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Sep 2024 19:37:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 23 Sep 2024 18:57:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
cb1608f2.4b67b4d74d78a099.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/cb1608f2.4b67b4d74d78a099.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"f1f-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd953de356a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
2814.600547a8c4b34b37.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
42 KB
14 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a81a-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd953de756a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
ffcceef0bdb89207.css
ca-cardpay.lpca.ohyousweeps.com/_next/static/css/
1 KB
524 B
Stylesheet
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5e4-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd953de956a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
4847.9930c1c407d88f3d.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
13 KB
4 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/4847.9930c1c407d88f3d.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3488684854def9eff19939300836cbd81c8e6cba1d0d94f5498a2c47c53dfb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"34e8-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd953dea56a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
/
lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/
6 KB
2 KB
XHR
General
Full URL
https://lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-ae7b956fa38ba3ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
3801feb04cedb11eb5e195c922aa930a2be5c31a2b747c25ec74dbd58b72910f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gjuOm4qNIBZYsZ7xcWyOyH%2BBhae%2FRiS%2B7eds8kiNw1Pi7RxDD1AyMiJMUPRTYAybAjGLBy3pQ6VdTNyZQCtLA3zNc8XM%2BiMGesni6E6ru4frPeDVcm%2BhFlnkT%2Fb13b4QJJ4Fvo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7cfd960ecb0a65-AMS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript
x-powered-by
PHP/7.4.28
server
cloudflare
/
lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/
185 KB
10 KB
XHR
General
Full URL
https://lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-ae7b956fa38ba3ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
d58a3c4956ba6797ec6d8d0f24c5090aeeb3245141f79111a6a6be7d06a6c784

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEwks3HZHuEqh4ebDKXPHvwcMx22CHlBeyfQqy%2BELKLnaI%2BDc3mBVz95K0x9rhoRlUHv5YmnEqUtCJMsyJkz5nYSj%2BuS7vnntfVKhxOeJw5DVn5eLEk%2FB0iAG2wW4vNbj%2BbZu7c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7cfd960ecd0a65-AMS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript
x-powered-by
PHP/7.4.28
server
cloudflare
/
lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/
9 KB
2 KB
XHR
General
Full URL
https://lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-ae7b956fa38ba3ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
99dfbb3235dbc42d4ca49476af408e41e395d348b8f16dc4e7534ed01cd46324

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjEgxJtfVSgPMYFk63WbKTzdg6%2BihAr4N7GWKFHZ8oerS%2BczjKJXGQ82tqwGnd1yzhFlHCO8Kw3g%2B1UEr9ep3r7V%2FcIrm134jV0hVX6KH5QF0H8RJfLFN78zQhW972BFZvqkehQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7cfd960ed00a65-AMS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript
x-powered-by
PHP/7.4.28
server
cloudflare
p.ashx
affslinksfirst.com/
2 B
237 B
Fetch
General
Full URL
https://affslinksfirst.com/p.ashx?o=26216&en=evt01&t=2322578439&r=2322578439
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/pages/_app-ae7b956fa38ba3ea.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.243.217.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-217-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

Cache-Control
private
Content-Length
2
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 23 Sep 2024 19:37:39 GMT
Content-Type
text/plain; charset=utf-8
Connection
close
undefined
ca-cardpay.lpca.ohyousweeps.com/
2 KB
884 B
Other
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1bf9f7f24b683c3a0776fc83901bb21ab9b7264aae509548b5e4976e589ac7c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
cf-cache-status
MISS
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd955e1756a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
text/html; charset=utf-8
x-powered-by
Next.js
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
404
notix.js
ca-cardpay.lpca.ohyousweeps.com/scripts/
257 B
261 B
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/scripts/notix.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=0
content-encoding
br
cf-cache-status
MISS
etag
W/"101-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd956e2256a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
16 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
Protocol
H2
Server
2600:9000:223d:a800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb8b05089b753663acfc4e99d629a52b3e24820fc15278ffe083096d2d56f09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

x-amz-cf-pop
FRA56-P3
content-encoding
gzip
x-amz-version-id
Zi0t0xxZO4o3vJw_BYLnfUU1uwFoytrz
etag
W/"b3bc785786206e7500d411bc5be1ffa5"
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
gc7QIrbjeAafcfvyS1FS4ptegIkdXwU3zIlgbwFz-7l6gC0gPAGM1w==
date
Mon, 23 Sep 2024 19:37:41 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
content-length
134
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
text/html
server
awselb/2.0
1584360455_1583484802_paypal-holiday-webpng.png
im.eu-imageo.com/upload/
186 KB
187 KB
Other
General
Full URL
https://im.eu-imageo.com/upload/1584360455_1583484802_paypal-holiday-webpng.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d526d4765114c9804ec8ce5de0e73ab32a6ccb5b4d08eff2946103b5f1e26d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5e6f6c07-2e989"
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeNBk%2BOhl76lREB%2F%2Bi0svqXkjRy6Jjt0MVE050d74wt7daeylAOrvOG5fvtqpP%2Bm00ktKZONL8n5MyhbHdYmMI7VUqg%2FQsUg587c5N9ufw9zapZMB75mDu07lY0xxmMCtyOL"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7cfd965db33ce1-CDG
accept-ranges
bytes
content-length
190857
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
image/png
last-modified
Mon, 16 Mar 2020 12:07:35 GMT
vary
Accept-Encoding
server
cloudflare
notifyAI.js
ca-cardpay.lpca.ohyousweeps.com/scripts/
532 B
334 B
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/scripts/notifyAI.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=0
content-encoding
br
cf-cache-status
MISS
etag
W/"214-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd956e3b56a4-OSL
date
Mon, 23 Sep 2024 19:37:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
enot.min.js
notix.io/ent/current/
142 KB
43 KB
Script
General
Full URL
https://notix.io/ent/current/enot.min.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/scripts/notix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
no-cache
content-encoding
gzip
etag
W/"65f18b52-2380d"
pragma
no-cache
access-control-allow-credentials
true
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript
last-modified
Wed, 13 Mar 2024 11:17:38 GMT
server
nginx
3641.3002d920b3ccc912.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/3641.3002d920b3ccc912.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91eeb2d7da31803a9ff81305b22748f382cfcdd99421c3cde30ba24b345dca43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"bfe-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b8256a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
6384.f47c613343806cd1.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/6384.f47c613343806cd1.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbff486932a0e42ec11d9519a14afede7325e6f9b2f51a6fbbbf225f8a69df5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1167-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b8956a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
3426.66dbf3454cd11140.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/3426.66dbf3454cd11140.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd3a3c48555251af8b29729fcbce9415e2b241be2b89f4519c89691ca103c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1f1d-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b8b56a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
8910.1c12a8327253c4fe.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
1 KB
764 B
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/8910.1c12a8327253c4fe.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960e80aa227e5e4de9d45cd3e22e8197d5d11fc00ddec34116a94cbc0db98aef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"48c-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b8c56a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
image
ca-cardpay.lpca.ohyousweeps.com/_next/
15 KB
15 KB
Image
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=100
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=14400, must-revalidate
cf-cache-status
MISS
etag
pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b9456a4-OSL
accept-ranges
bytes
content-length
15320
x-nextjs-cache
HIT
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
server
cloudflare
content-disposition
inline; filename="1561383747_yellow-banner-en.webp"
x-do-orig-status
200
image
ca-cardpay.lpca.ohyousweeps.com/_next/
84 KB
84 KB
Image
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.eu-imageo.com%2Fupload%2F1584360455_1583484802_paypal-holiday-webpng.png&w=640&q=100
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8065bcc31e0491a3a728904ff69e4ed75eed93483d2cd9c36ff2a0b37faada7
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=14400, must-revalidate
cf-cache-status
MISS
etag
yAZbzDHgSRo6cokE-2nk7XXu2TSD0s2cNv8qCzf6rac=
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd982b9556a4-OSL
accept-ranges
bytes
content-length
85862
x-nextjs-cache
HIT
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
server
cloudflare
content-disposition
inline; filename="1584360455_1583484802_paypal-holiday-webpng.webp"
x-do-orig-status
200
1583482261_bg.jpg
im.us-imageo.com/upload/
195 KB
196 KB
Image
General
Full URL
https://im.us-imageo.com/upload/1583482261_bg.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b232b609c16039c22bb497ea4d5a98ace3f88aaad7d137897f3487853fdb7aae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5e620595-30d60"
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeLRN%2Bbux1JFGaASGOyTxMp6gNH7fA1xehLFROJMmgkgxfON8xvMMdNCQ9ojovdbKU3qIDa%2BnkEoNzu7sNHq6Q9ekEH5s2ugtqzdq3OLlQiBjt04%2FNJU3D%2FFW3ekfulFWcKu"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7cfd9908e9d593-AMS
accept-ranges
bytes
content-length
200032
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
image/jpeg
last-modified
Fri, 06 Mar 2020 08:11:01 GMT
vary
Accept-Encoding
server
cloudflare
eafabf029ad39a43-s.p.woff2
ca-cardpay.lpca.ohyousweeps.com/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/media/eafabf029ad39a43-s.p.woff2
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Referer
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
MISS
etag
W/"1edc-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd983ba256a4-OSL
accept-ranges
bytes
content-length
7900
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
z0grz0mex9
trk-consulatu.com/scripts/push/script/
8 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-cardpay.lpca.ohyousweeps.com&alturl=/
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/scripts/notifyAI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJGlSEEhAObcjlVfDtbUDkOm6e0bShdaFtEFt0LQzZ304A20IRzQm0mkl80Drtq0cgwj5oltqZ%2F4ijaHljENVeuR8fV8IGz9EpG3wfUpWpGSCrXjl2WcJ5nBtnct00BFYbNlXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 23 Sep 2024 19:37:40 GMT
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7cfd9a8ea0d379-FRA
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
content-length
2520
x-xss-protection
1; mode=block
server
cloudflare
7569.1c434c9359f1adb0.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
13 KB
4 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/7569.1c434c9359f1adb0.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6016e72c7fd3108e77f24a968fc064b2454f6c6f7224f0da62975afae4505a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"34c1-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd9a7fcc56a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
2273.cbba0084c0ea59ed.js
ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/2273.cbba0084c0ea59ed.js
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/webpack-09738fa05af399f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5436cf0a978437797ebd55a1d8a1534e33b9ad6abc587a53f87738e2c74d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1103-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd9a7fd056a4-OSL
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
image
ca-cardpay.lpca.ohyousweeps.com/_next/
15 KB
15 KB
Image
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=100
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=14400, must-revalidate
cf-cache-status
MISS
etag
pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd9a7fd256a4-OSL
accept-ranges
bytes
content-length
15320
x-nextjs-cache
STALE
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
server
cloudflare
content-disposition
inline; filename="1561383747_yellow-banner-en.webp"
x-do-orig-status
200
settings
notix.io/
106 B
371 B
Fetch
General
Full URL
https://notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0&ver=0.16.4
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

strict-transport-security
max-age=1
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
content-length
106
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
event
notix.io/
15 B
279 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

strict-transport-security
max-age=1
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
content-length
15
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 23 Sep 2024 19:37:40 GMT
server
nginx
event
notix.io/
15 B
279 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

strict-transport-security
max-age=1
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
content-length
15
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 23 Sep 2024 19:37:40 GMT
server
nginx
event
notix.io/
15 B
279 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

strict-transport-security
max-age=1
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
content-length
15
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 23 Sep 2024 19:37:40 GMT
server
nginx
certs
api.trustedform.com/
474 B
685 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.94.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-94-220.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
18ebf25689b6196c461a7061975f9b7ed0010e101c88461c2157a8f11d291562

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
474
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
application/json; charset=utf-8
server
Cowboy
b957ea75a84b6ea7-s.p.woff2
ca-cardpay.lpca.ohyousweeps.com/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/media/b957ea75a84b6ea7-s.p.woff2
Requested by
Host: ca-cardpay.lpca.ohyousweeps.com
URL: https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Referer
https://ca-cardpay.lpca.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
MISS
etag
W/"1ea8-49773873e8"
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd9d1cfa56a4-OSL
accept-ranges
bytes
content-length
7848
date
Mon, 23 Sep 2024 19:37:41 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
image
ca-cardpay.lpca.ohyousweeps.com/_next/
158 B
314 B
Image
General
Full URL
https://ca-cardpay.lpca.ohyousweeps.com/_next/image?url=%2Fimages%2FgreaterThan.png&w=16&q=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
cf-cache-status
MISS
etag
XDiUxnOtomZFH-O1zHX65Dz6Dx4HWgDtTAn1Pf38hwM=
x-do-app-origin
81b1c52e-11dc-4896-be93-6fb0d48ae8c0
cf-ray
8c7cfd9d1d0156a4-OSL
accept-ranges
bytes
content-length
158
x-nextjs-cache
STALE
date
Mon, 23 Sep 2024 19:37:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
server
cloudflare
content-disposition
inline; filename="greaterThan.webp"
x-do-orig-status
200
trustedform-1.9.25.js
cdn.trustedform.com/
98 KB
37 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.25.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271202593980.10553657896919688&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d5f1c0a62589e130e1df06260f2baddff459fee615183fe457009f097fa9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

x-amz-cf-pop
FRA56-P3
content-encoding
gzip
x-amz-version-id
th1QTntZ0kkfxgBAyYad3OuQZtjnDdbF
etag
W/"e5efb6170f403c834bc84b1d77f73d94"
age
18
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IcZZli1UFJhGzk4uaYkyId3AmnmMwYVFJexLe2oev0qBrEyM8ZBsgw==
date
Mon, 23 Sep 2024 19:37:22 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT
truncated
/
0
0

snapshot
api.trustedform.com/certs/20e81b0c9f6b768a1a8bd12ee4b808fc3d473ac6/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/20e81b0c9f6b768a1a8bd12ee4b808fc3d473ac6/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.94.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-94-220.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 23 Sep 2024 19:37:41 GMT
server
Cowboy
access-control-allow-credentials
true
fingerprints
api.trustedform.com/certs/20e81b0c9f6b768a1a8bd12ee4b808fc3d473ac6/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/20e81b0c9f6b768a1a8bd12ee4b808fc3d473ac6/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.94.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-94-220.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 23 Sep 2024 19:37:41 GMT
server
Cowboy
access-control-allow-credentials
true
event
notix.io/
15 B
279 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

strict-transport-security
max-age=1
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://ca-cardpay.lpca.ohyousweeps.com
content-length
15
date
Mon, 23 Sep 2024 19:37:41 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
57dkwyrvdw
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/57dkwyrvdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c7cfda62c57655a-AMS
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 23 Sep 2024 19:37:42 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzCdfN%2BB5UzFPUAB%2B6shATToAuEOrtY7rALuQG5PpqqJkPsiWOMd5krrpNX258GnqdnBbHerxtWzeEBgihj7LUZPBKlSZuAVQUlIo%2FU2my4ltpfwkNXv0zBbFyOeSX%2Be4BcUR4loFNgI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
57dkwyrvdw
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/57dkwyrvdw
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-cardpay.lpca.ohyousweeps.com&alturl=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xC0zhB4aonabOJQJBBE2sbCc2eoSRpAl7aTrjQQ6xNJO%2BC8ipEO1c6ZcmaEedByQyYXA8AWKnZRFqBf9J%2B1AxhYQ6FW6wZz5yk2bmJVI14k4WMnCLg%2BbCvD5rD2vU8fTJ5JoX12LEveAyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Sep 2024 19:37:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7cfda7def6655a-AMS
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
57dkwyrvdw
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/57dkwyrvdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ca-cardpay.lpca.ohyousweeps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c7cfda62c56655a-AMS
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 23 Sep 2024 19:37:42 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nge538BAFvHAYqfhKtvsj5S2DymP7tl1DRHUrBOCJsQfVfQVc032kJ5oKflZUw2g7IE%2BoY8kpGangtcy4x1I2wXiW3DoD2l2g68P42Ii4B8HvgNNCyx%2FE8gVhqlg0KD%2FU7kV4Guuw%2Bctqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
57dkwyrvdw
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/57dkwyrvdw
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-cardpay.lpca.ohyousweeps.com&alturl=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://ca-cardpay.lpca.ohyousweeps.com/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jP8dHLRnwH%2FVp8QhFzTZ9nmQ7BOkMsX2mePFsp5aKsy6OaJXNxG9jEASUMd5Df8c4XDGBMZUitEF%2FA%2FnBzF5CsYwIw%2FmUERbS9n42eJn8Kb8jgMNQLrZHARje4aC%2BOsyzsypf0%2BAbcT2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
date
Mon, 23 Sep 2024 19:37:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c7cfda7def8655a-AMS
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| s object| FontAwesomeConfig object| ___FONT_AWESOME___ object| a0_0xab7c function| a0_0x1665 object| zfgformats object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes object| regeneratorRuntime function| trustedFormNext

1 Cookies

Domain/Path Name / Value
.ca-cardpay.lpca.ohyousweeps.com/ Name: __cf_bm
Value: mD3Iz3l5qWXmD2vsJIFW1Z37z4v1Y0oaXcHmUUyjUNc-1727120260-1.0.1.1-JWQcgXqnWi3pqsOivR4HkfPacPBYyL7IKLhrvMBABMput_WhuMgPRnl8biuxZmVOY61vmWmHJGwPknHYRPJqhw

2 Console Messages

Source Level URL
Text
network error URL: https://ca-cardpay.lpca.ohyousweeps.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://ca-cardpay.lpca.ohyousweeps.com/#/?reqid=2322578439&oid=26216&a=3075&cid=609871&s1=470588
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affslinksfirst.com
api.trustedform.com
ca-cardpay.lpca.ohyousweeps.com
cdn.trustedform.com
event.trk-consulatu.com
fonts.googleapis.com
im.eu-imageo.com
im.us-imageo.com
lpapi.ld-genie.com
notix.io
trk-consulatu.com
truncated
truncated
139.45.197.253
172.67.181.103
172.67.190.205
188.114.96.3
2600:9000:223d:a800:1c:7f1a:6680:93a1
2606:4700:7::60
2a00:1450:4001:80e::200a
3.222.94.220
34.243.217.56
0eb8b05089b753663acfc4e99d629a52b3e24820fc15278ffe083096d2d56f09
1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226
18ebf25689b6196c461a7061975f9b7ed0010e101c88461c2157a8f11d291562
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
1bf9f7f24b683c3a0776fc83901bb21ab9b7264aae509548b5e4976e589ac7c0
1ebb08575dcb473717e8e8ce6ee02fa4bd92ca7f781859847b4a104337f8194a
3801feb04cedb11eb5e195c922aa930a2be5c31a2b747c25ec74dbd58b72910f
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
45db4da4fe9af410c4c9826065a57eb574aa039703fe425416e0e7ea5feb7b5f
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
53d526d4765114c9804ec8ce5de0e73ab32a6ccb5b4d08eff2946103b5f1e26d
577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb
5af5436cf0a978437797ebd55a1d8a1534e33b9ad6abc587a53f87738e2c74d0
5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703
5fbff486932a0e42ec11d9519a14afede7325e6f9b2f51a6fbbbf225f8a69df5
5fd3a3c48555251af8b29729fcbce9415e2b241be2b89f4519c89691ca103c62
6016e72c7fd3108e77f24a968fc064b2454f6c6f7224f0da62975afae4505a22
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
7feed42f6d072bebc3791034e87191857c77a12237d42a46b3ccd62f68e134bc
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
91eeb2d7da31803a9ff81305b22748f382cfcdd99421c3cde30ba24b345dca43
960e80aa227e5e4de9d45cd3e22e8197d5d11fc00ddec34116a94cbc0db98aef
99dfbb3235dbc42d4ca49476af408e41e395d348b8f16dc4e7534ed01cd46324
9f076ce7baaabd01b8ff5952665ab35c3674ddc59084ec9c84c576d100f9ff22
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
a2a51bee0fed4b842c95c7bdfea50a8fe43efa8a07adadfb4c4a112b466c56c4
a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0
b232b609c16039c22bb497ea4d5a98ace3f88aaad7d137897f3487853fdb7aae
b3d5f1c0a62589e130e1df06260f2baddff459fee615183fe457009f097fa9bf
bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
c8065bcc31e0491a3a728904ff69e4ed75eed93483d2cd9c36ff2a0b37faada7
d355bf5098d399e1defef1538748b55e58583a6242e4648d930d484447aee2a2
d58a3c4956ba6797ec6d8d0f24c5090aeeb3245141f79111a6a6be7d06a6c784
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
f3488684854def9eff19939300836cbd81c8e6cba1d0d94f5498a2c47c53dfb0
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151