ca-phone13pr.lp.ohyousweeps.com Open in urlscan Pro
65.9.66.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ca-phone13pr.lp.ohyousweeps.com/
Submission: On July 29 via api (July 29th 2024, 9:58:26 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 11 domains to perform 73 HTTP transactions. The main IP is 65.9.66.106, located in United States and belongs to AMAZON-02, US. The main domain is ca-phone13pr.lp.ohyousweeps.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 6th 2024. Valid for: a year.

This is the only time ca-phone13pr.lp.ohyousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	65.9.66.106 65.9.66.106	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	34.194.182.216 34.194.182.216	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:d400:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.68 143.204.215.68	16509 (AMAZON-02) (AMAZON-02)
4	172.67.181.103 172.67.181.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.215.242.10 52.215.242.10	16509 (AMAZON-02) (AMAZON-02)
2	172.67.190.205 172.67.190.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	18.244.18.36 18.244.18.36	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.43 143.204.215.43	16509 (AMAZON-02) (AMAZON-02)
4	35.174.37.13 35.174.37.13	14618 (AMAZON-AES) (AMAZON-AES)
1	54.236.212.43 54.236.212.43	14618 (AMAZON-AES) (AMAZON-AES)
3	52.21.124.220 52.21.124.220	14618 (AMAZON-AES) (AMAZON-AES)
73	19

35 65.9.66.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-106.fra56.r.cloudfront.net

ca-phone13pr.lp.ohyousweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.194.182.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-182-216.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:d400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-68.fra53.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.181.103 (United States)

ASN13335 (CLOUDFLARENET, US)

im.eu-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

lpapi.ld-genie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.242.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-242-10.eu-west-1.compute.amazonaws.com

affslinksfirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.190.205 (United States)

ASN13335 (CLOUDFLARENET, US)

im.us-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-36.fra56.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-43.fra53.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.174.37.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-37-13.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.212.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-212-43.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.21.124.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-124-220.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ohyousweeps.com ca-phone13pr.lp.ohyousweeps.com	333 KB
12	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 7428 cdn.pushnami.com — Cisco Umbrella Rank: 21693 psp.pushnami.com — Cisco Umbrella Rank: 30686 fpc.pushnami.com — Cisco Umbrella Rank: 363613 trc.pushnami.com — Cisco Umbrella Rank: 7212	370 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 33453 cdn.trustedform.com — Cisco Umbrella Rank: 39044	44 KB
4	eu-imageo.com im.eu-imageo.com	560 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	31 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	53 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	86 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	us-imageo.com im.us-imageo.com	18 KB
1	affslinksfirst.com affslinksfirst.com
1	ld-genie.com lpapi.ld-genie.com
73	11

	Domain	Requested by
35	ca-phone13pr.lp.ohyousweeps.com	ca-phone13pr.lp.ohyousweeps.com ajax.googleapis.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
4	im.eu-imageo.com	ca-phone13pr.lp.ohyousweeps.com
4	cdnjs.cloudflare.com	ca-phone13pr.lp.ohyousweeps.com
3	trc.pushnami.com	api.pushnami.com
3	maxcdn.bootstrapcdn.com	ca-phone13pr.lp.ohyousweeps.com maxcdn.bootstrapcdn.com
2	cdn.pushnami.com	api.pushnami.com
2	fonts.gstatic.com	fonts.googleapis.com
2	im.us-imageo.com	ca-phone13pr.lp.ohyousweeps.com
2	api.pushnami.com	ca-phone13pr.lp.ohyousweeps.com api.pushnami.com
2	cdn.trustedform.com	ca-phone13pr.lp.ohyousweeps.com api.trustedform.com
2	ajax.googleapis.com	ca-phone13pr.lp.ohyousweeps.com
1	fpc.pushnami.com	api.pushnami.com
1	affslinksfirst.com	ajax.googleapis.com
1	lpapi.ld-genie.com	ajax.googleapis.com
1	fonts.googleapis.com	ca-phone13pr.lp.ohyousweeps.com
73	17

This site contains links to these domains. Also see Links.

Domain
ohyousweeps.com

Subject Issuer	Validity	Valid
*.lp.ohyousweeps.com Amazon RSA 2048 M02	`2024-02-06` - `2025-03-06`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
eu-imageo.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
ld-genie.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.affslinksfirst.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-02-15` - `2025-03-18`	a year	crt.sh
us-imageo.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2024-07-10` - `2025-08-06`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ca-phone13pr.lp.ohyousweeps.com/
Frame ID: 844D89D268630874D7EC1C7D0D000C35
Requests: 68 HTTP requests in this frame

Frame: https://lpapi.ld-genie.com/click/generate/?reqid=&oid=&aid=&cid=&sid=
Frame ID: AD462D435331253D381BF329FDF97346
Requests: 1 HTTP requests in this frame

Frame: https://affslinksfirst.com/p.ashx?o=&en=evt01&t=&r=
Frame ID: 5787F04940A4EDD00B4F2669D8A5D2FF
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: D6C966203AA9E037F671885C6BA9ED26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win the New iPhone 13 Pro

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

22 %
IPv6

11
Domains

17
Subdomains

19
IPs

5
Countries

1521 kB
Transfer

3160 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ohyousweeps.com/canada/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ca-phone13pr.lp.ohyousweeps.com/ 53 KB
11 KB 181ms
142ms Document
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx / PHP/7.3.33
Resource Hash: 5cc30e23d368c5816aa4b36c989745be525f8267687fa44325df773d49e91213

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 21:58:20 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-id: b6-4TBrfUcfVJNetgeZX_aKFD90HdJxIIudYj7ij1zQfQf2I2HthlA==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-powered-by: PHP/7.3.33

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 77ms
19ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 544498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:43:22 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 156 KB
55 KB 92ms
36ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56572
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 12:03:05 GMT

GET
H3 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 6 KB
3 KB 77ms
34ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 980938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2728
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-16e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDM%2BfRvDwxdnv8LQdBVNJsU%2F7msv6cT%2FZYFcDzFDisrs8t5cDPUZpOnZxfJ1AOtGAmSFIfEaLdWa0bHCxyoBRG6z5t9RlBnvWBw7uuSjf7jfsLTX61IJS2wxQXkvtPqrjKx7enIp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab05eaa2f385d50-FRA
expires: Sat, 19 Jul 2025 21:58:20 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 43ms
21ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1047
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6299315
cdn-cachedat: 03/18/2024 12:13:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3e4803ebcd67682eccd326d11a83c865
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8ab05ea9fadc1a49-FRA
cdn-requestpullsuccess: True

GET
H3 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
5 KB 75ms
33ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 450451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4996
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjkD2S1f6tSkLmA7uevxFDHwyrjQEWLA72J3lbeSFihAEph053wTPfmtmF6TnmxynsL0Z6YTblO5aBglnCU8piBEZrgq5nkipLyTVZZNiRVLleDpxCV5WNL%2BJ9AeK8OY0mm8v1%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab05eaa2f3b5d50-FRA
expires: Sat, 19 Jul 2025 21:58:20 GMT

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 57 KB
17 KB 63ms
22ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ca-phone13pr.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1492128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16919
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3yfjJxmnzJzc2469siZkeDi6gxdifnGfGxQ6pfrShijSDBp44Dwo7H46DSRAASW9hJWbTPOaqNlXc6Ua6qW8EQi7fuswzca5NdpPZgDlgMgivknkzjGmf%2BLtKaYuu8tnDNK4bJw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab05eaa2e7bbb50-FRA
expires: Sat, 19 Jul 2025 21:58:20 GMT

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
24 KB 54ms
33ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 940
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6417812
cdn-cachedat: 10/31/2023 19:15:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c83fee2ffb8cb55535eaeb2520d7c34a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8ab05ea9fadd1a49-FRA
cdn-requestpullsuccess: True

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 75ms
34ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1582675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HU%2BhF7NGnmAYrHLiEoyrfmWO%2Fxl8omZHQHUYWn6TU7WOmXdSaPj2Nwr9BhRQhpI07X5AUoHuAr5IEnl4WXM1VOFhfdbt47%2FY8b%2B8eg1BR3sqTBCLpa447Id6bynUcgrRaHbKWNhJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab05eaa2f3d5d50-FRA
expires: Sat, 19 Jul 2025 21:58:20 GMT

GET
H2 200 flowpage.min.js Show response
ca-phone13pr.lp.ohyousweeps.com/js/ 394 KB
119 KB 52ms
51ms Script
application/javascript 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/js/flowpage.min.js?rel=1710173169036
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c7dfa9afb5a42ed8ed2a2e4e0cc37dfbd8892625e61197cfcc0c5a127a2d6433

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:53 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8279-626cf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: DYkB3gQ88Ok3ROc5BuhS829segxXg0ckikYJJyXjSQ5TmaH-Cy1bsA==

GET
H2 200 flowpage.directives.min.js Show response
ca-phone13pr.lp.ohyousweeps.com/js/ 116 KB
36 KB 41ms
41ms Script
application/javascript 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/js/flowpage.directives.min.js?rel=1710173169036
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7d3e17064f52b11f950a5472b280dbf379ee382d00f03ad365b495e525bf9e31

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:53 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8279-1ce55"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: xNJz3RJOdc39JRRwQHY3SVnC3mKBmcwuqumJj9aJi3j6omru2XOjrQ==

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false

16 KB
6 KB

164ms
132ms

Script
application/javascript

2600:9000:223d:d400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Server: 2600:9000:223d:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45976a621181ee7fd8bf20fa6df22ba74aa4dbee43439c40f5dce33d3adfe5dc

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
x-amz-version-id: FT61aanmIsL6VBHUXACooZGktOoWXEnV
content-encoding: gzip
last-modified: Thu, 18 Jul 2024 20:05:44 GMT
server: AmazonS3
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"72f931c43fa2e605365f0bfec09e3a5d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: fdxlE15GH4NewtAj6yfWPTNM3GtjAeXbmiDRsSD8GzNLNxgkcABMzQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false
date: Mon, 29 Jul 2024 21:58:20 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 62a7807cf9e9090013c65cc7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 101 KB
21 KB 400ms
359ms Script
application/javascript 143.204.215.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-68.fra53.r.cloudfront.net
Software: /
Resource Hash: db05788e5cf5e46720a37c4fbafab53adb78818840921d1146e2a96e9da8040d

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: TgPS_EGBq0l_DLwS2-7kL6tldorqiONvT-s6c3Ne7Po0-sS3KNU-CQ==

GET
H2 200 animations.css
ca-phone13pr.lp.ohyousweeps.com/css/ 6 KB
1014 B 47ms
46ms Stylesheet
text/css 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/css/animations.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ec27d9b0599096807e0703fcb249974bed533bb210038cc8158a3a08a6b9209f

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-1642"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: 8-sm277Bfbi4cH-r9wfcp9QVgRGPXeXK-IbBPN7EN_FKUTzjkoyEjQ==

GET
H2 200 template.css
ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/ 15 KB
5 KB 41ms
40ms Stylesheet
text/css 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/template.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e67fb55a18d8128ec419dfd070516d112bbe08978d2685b5844b1655dd00c7d4

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-3abf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: OMp6RBX6al6bNANzZaUscVsHviYQeysHdTcgFkKs_01vzMIGQGuEYA==

GET
H2 200 pikaday.css
ca-phone13pr.lp.ohyousweeps.com/css/vendor/ 4 KB
2 KB 70ms
69ms Stylesheet
text/css 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/css/vendor/pikaday.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-1144"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: vH9SQzBtexPKC3PILo4uHjfIhISQVyZKoCtBMtJ1Fx21pRE31fd87Q==

GET
H2 200 preload-web.html Show response
ca-phone13pr.lp.ohyousweeps.com/templates/empty/ 5 KB
1 KB 32ms
31ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/preload-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 722057e5e3a26318fa71f5be8f80ac22fddcc2e951f729f3443961657febc940

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-1456"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: _fLhCySoNMOKO3lJ8xkIg2S1advbnm4idJeB7h4hGNG4ZEma1gQL9w==

GET
H2 200 pixels.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 361 B
662 B 65ms
64ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/pixels.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6cde2e24bb939b1286c77147eed40cc96f48e208bb127f5949975f48380ce43d

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e8278-169"
x-cache: Miss from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 361
x-amz-cf-id: sQCn5M450BZUIVSipf_kNLYrcjOmt3qFJMxb6JHhEuOugmFbmJrLvg==

GET
H2 200 footer.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 2 KB
882 B 65ms
64ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/footer.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 858e251745aa486a840abcd75cee65bd95d3b56b4d882c3d301bb81394ee06e6

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-836"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: aJ0UyYhWZxLsbpp91eT8cRO4gzMUFojVCL3DDWlIr7A_oZXQ1cXOzw==

GET
H2 200 config.json Show response
ca-phone13pr.lp.ohyousweeps.com/templates/empty/ 12 B
317 B 50ms
50ms XHR
application/json 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/config.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-c"
x-cache: Miss from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 12
x-amz-cf-id: pMSCDA3_G2iyweloIyO8Lh9ISKKULBTykXUT7xuxWkxZwGKK6IEwYg==

GET
H2 200 feedback-form.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 889 B
1 KB 47ms
47ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/feedback-form.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 24051281c43b4638239d604bbdc49165fb45430016dd42d1112ec76a771aeae0

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e8278-379"
x-cache: Miss from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 889
x-amz-cf-id: 9R_U-L349J7rTNQi9m5qXwNz4iNKihSwXlkQwSvn7vXrBP6DJvZtyg==

GET
H2 200 progress-bar.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 3 KB
823 B 42ms
41ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/progress-bar.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 25babacbcf3cf55f90deb348ce32888a9321761bec53dd9c3dcd8bb3c2bedc36

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-ac3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: Q9EQt1DTBTO-dDmbRFaCzMrP2QNEj_HPpq25dpiLkJG4n4YukS4Mdw==

GET
H2 200 %7B%7Bcms.image_2%7D%7D
ca-phone13pr.lp.ohyousweeps.com/ 3 KB
3 KB 142ms
142ms Image
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/%7B%7Bcms.image_2%7D%7D
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: iboPGwOqmQBZ4oGkYvKRT0it9A1UqZzf8v5bEIcjWHAlKrU51Q_iGg==

GET
H3 200 1631696591_prizeimage.png
im.eu-imageo.com/upload/ 277 KB
278 KB 133ms
94ms Image
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.eu-imageo.com/upload/1631696591_prizeimage.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f446354159009c60de8c3fd1d5fa8a9ebeddbfdef4175f7b748400ff8566e

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 09:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6141b6cf-455d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6IGJ6kSXXtXa6ipZrp4SryKTpVVElGLzaS02RxJuijofsgdtQc36%2FDQiv7PFWMqimx%2Bm6%2Bua%2FVTaSx1jdlsVIj21P3kTzlogpvbZgEHnft9ECN8iYT92aRAwjJlQE1UIEvv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eab7a107188-FRA
alt-svc: h3=":443"; ma=86400
content-length: 284112

GET
H2 200 css
fonts.googleapis.com/ 2 KB
834 B 85ms
27ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap

Requested by

Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/template.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bec178028692f94f6e52c4310e6fb58da4b5dca8e168c3dd6770e7d61f065e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/template.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 21:13:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jul 2024 21:58:20 GMT

GET
H2 200 page-header-web.html Show response
ca-phone13pr.lp.ohyousweeps.com/templates/empty/ 2 KB
948 B 50ms
50ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/page-header-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3a8fc51a8e86de4d545eabc23bae9700f3d7d021e9c2b834b40b54be94d31d5f

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-89f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: 2trTdinT-rgaftCWhfGEvI9gXj37LPfPA3od82wr8mzKIRdxAFQEVQ==

GET
H3 200 /
lpapi.ld-genie.com/click/generate/ Frame AD46 0
0 111ms
49ms Document
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/click/generate/?reqid=&oid=&aid=&cid=&sid=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ab05eabea23366d-FRA
content-encoding: gzip
content-type: application/json
date: Mon, 29 Jul 2024 21:58:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqcCnkuCU9LxeSRBaEkq2HoMYRqLaXJ6pSGxGcvYfhPilghmYgEEfdVW8exjIYAS8yNXeG%2BzAYhjqINIw7RQQDbA3%2FUFwLFNfWHCi45m1FaC2%2FioTX6JowcIAqjsRJCImNQMIho%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.28

GET
H/1.1 200
OK p.ashx
affslinksfirst.com/ Frame 5787 0
0 133ms
46ms Document
text/plain 52.215.242.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affslinksfirst.com/p.ashx?o=&en=evt01&t=&r=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.215.242.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-242-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Connection: close
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Mon, 29 Jul 2024 21:58:20 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 deliver.png
ca-phone13pr.lp.ohyousweeps.com/templates/productdetailer/images/ 4 KB
4 KB 49ms
46ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/productdetailer/images/deliver.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 43cc909b864265ea763bb9fc89fc789162ce43bb5054998f2c72586442326b55

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-e6b"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3691
x-amz-cf-id: uCkFi5nJgS3yqhd2o1TMIhgxSnJlJL901wXLozYPqlwtjwdJCIyVKw==

GET
H2 200 finish-icon.png
ca-phone13pr.lp.ohyousweeps.com/templates/productdetailer/images/ 2 KB
2 KB 48ms
45ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/productdetailer/images/finish-icon.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 498fe301d99911563563edc1f20bff040a0bbe6977f4cd32d0c358ff3b39ecfd

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-74a"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1866
x-amz-cf-id: PzYeNNTIPMzUk0dxFDTJD5a7KnHBabAECT2dXV_M1rT7ed0pm8t7iA==

GET
H2 200 animate.css
ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_2/css/ 73 KB
7 KB 34ms
34ms Stylesheet
text/css 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_2/css/animate.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 95da3176e728e04616d92fe5f50f7ace2a0e52e4f012dba748a32f7745bcbc54

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-1252b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: _Mrt82ZjnQQBV664xMTvACVTaMGwmZDhwFoMeUCHmkOnz8cweD4bJA==

GET
H2 200 %7B%7Bcms.image_3%7D%7D
ca-phone13pr.lp.ohyousweeps.com/ 3 KB
3 KB 129ms
128ms Image
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/%7B%7Bcms.image_3%7D%7D
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: _RJjGLEDDRQrZ_dCK1bKtYkoyfQdyBtaowlFa06ksOZJ5GSDo5tnGA==

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 199ms
183ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://ca-phone13pr.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 894
cdn-cachedat: 01/03/2024 11:54:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18028
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 24eee32540393a0b8cdf2aee55529e82
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8ab05eabcee91c1e-FRA
cdn-requestpullsuccess: True

GET
H3 200 1631696461_background_light.png
im.eu-imageo.com/upload/ 281 KB
282 KB 119ms
117ms Image
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.eu-imageo.com/upload/1631696461_background_light.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de3590637f82796c112fb9667776d8cbcfe4c15ff71838159c3018d95dd68b1

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 09:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6141b64d-4654a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGEo7En966hF3WYb0t2%2F2Tlwwqh%2BKXyHAKNRwBkPNLuVr%2Fux%2FrjX7SqmOMRuzmCKHrPA%2FIuG%2BbK7tikZjHeSQItEaxng%2BXbk5rUebGBadPpgg1trXGbAuDiy4n%2FvmJTZBesW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eabaa3a7188-FRA
alt-svc: h3=":443"; ma=86400
content-length: 288074

GET
H2 200 yousweeps_logo_bw.png
ca-phone13pr.lp.ohyousweeps.com/images/logos/ 73 KB
74 KB 46ms
43ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/images/logos/yousweeps_logo_bw.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d0e423a53ff4fdc166a86dc2f409684ed5529cb951216657df7b90fc4f42723f

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:53 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e8279-12499"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 74905
x-amz-cf-id: q0yH15lXpNAFq7MEXeLyQ45M6uBtw3ZzMYD3MHwhJxawaTGNPyb06A==

GET
H2 200 %7B%7Bcms.image_4%7D%7D
ca-phone13pr.lp.ohyousweeps.com/ 3 KB
3 KB 138ms
133ms Image
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/%7B%7Bcms.image_4%7D%7D
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: MATTiHVu03vIXndpgLhLE8z6J8kGgnWAS_EyTR_Lz_wA2j-zexAKpQ==

GET
H3 200 1561383747_yellow-banner-en.png
im.us-imageo.com/upload/ 18 KB
18 KB 136ms
72ms Image
image/png 172.67.190.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.us-imageo.com/upload/1561383747_yellow-banner-en.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6346556c46447018f7c3e32f9e0ee261fa5d524d60872441796a3b7f3707b1f6

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2019 13:42:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d10d343-462d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucJuEVpjTvQrvii6RcIjwWFvWlDr%2F4F5YN1fkMI0e%2FdiyI9c%2B0bybCEqaQYVsxJ4SXkaUzB15nB7a7gDcHY%2BZuc92K4hXrunGTAuwzHc3reHbD0TA9DzYZovHqHK14A51TBq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eac1e8618f7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17965

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 101ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca-phone13pr.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:14:37 GMT
x-content-type-options: nosniff
age: 542623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:14:37 GMT

GET
H2 200 teaser-web.html Show response
ca-phone13pr.lp.ohyousweeps.com/templates/empty/ 2 KB
872 B 24ms
24ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/teaser-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d35e19a200b9f7b65ca518a7cf30cfda8f4c00f62d581a741dd158f93b3ed442

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-8b7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: lsoM-1Qod2md1rHre1f72MI8bIGFcFFOlsMrfDwFHtWKTVAV1PCuZA==

GET
H2 200 teaser.css
ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/ 1 KB
790 B 48ms
48ms Stylesheet
text/css 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/empty/css/teaser.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4c32347e6c21f6f049a5022d83fdf269094224e161c784f88b6d733f88d92985

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e827a-513"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: OyvKIxre9xIcQGyQ9nVSi-KxcVVwtegJPEjR13abluuOf2LMK3Pp9g==

HEAD
H2 200 en_CA.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/ 0
298 B 36ms
36ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_CA.html
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/js/flowpage.directives.min.js?rel=1710173169036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-c8a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: wF8-7hZlBhBOCqHSlETW8cGoXSdbcaeCTtnwiDq95Cl_VmvG3msFxg==

GET
H2 200 en_CA.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/ 3 KB
1 KB 43ms
42ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_CA.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 16a391a8ff89a43e454c4ef6a39de00e5c5a0bee5f125792b3382e5a31c8e9ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-c8a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: dEeqalaPuppsECMW1ki36tOZ6-qvvZzPQcWOUPqE5iTiR1836TAGTg==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca-phone13pr.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:58:24 GMT
x-content-type-options: nosniff
age: 568797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 07:58:24 GMT

GET
H2 200 %7B%7Bcms.image_2%7D%7D
ca-phone13pr.lp.ohyousweeps.com/ 44 KB
44 KB 28ms
27ms Image
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/%7B%7Bcms.image_2%7D%7D
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
age: 1
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
x-amz-cf-id: E4FRiuuAntzVW1P-V9DzIqlCPgyQSHFeNZ0kH8rmFDRtf0-c8veGxw==

GET
H3 200 1631696591_prizeimage.png
im.eu-imageo.com/upload/ 277 KB
0 0ms
0ms Image
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.eu-imageo.com/upload/1631696591_prizeimage.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f446354159009c60de8c3fd1d5fa8a9ebeddbfdef4175f7b748400ff8566e

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 09:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6141b6cf-455d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6IGJ6kSXXtXa6ipZrp4SryKTpVVElGLzaS02RxJuijofsgdtQc36%2FDQiv7PFWMqimx%2Bm6%2Bua%2FVTaSx1jdlsVIj21P3kTzlogpvbZgEHnft9ECN8iYT92aRAwjJlQE1UIEvv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eab7a107188-FRA
alt-svc: h3=":443"; ma=86400
content-length: 284112

GET
H2 200 input-field.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 5 KB
1 KB 31ms
30ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/input-field.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 850512d8a9c30f414af5202b1d5fd72c873cea8ca292e711fe0abe29957fe47f

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-1372"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: OfLqSGQkyGwDy3RioFcd3zsttfPzQOQzVxRkZI-UYV1OmggwO2NlSQ==

GET
H2 200 prepopulated-confirm-screen.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 2 KB
1 KB 24ms
24ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/prepopulated-confirm-screen.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1e391ddb46ae506ab13f3993a6f8af22362aadddbb03e4584c845f3519711eb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-9e8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: QsN3Y5x3w90SysMW9QqQ7Opruiof7yfCZxVAo3GOuJ9KRbojr0YxJg==

GET
H2 200 icon-gender-male.png
ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/ 2 KB
2 KB 39ms
38ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/icon-gender-male.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 73b34fff24e408eff047da493bf2f26fb5f530632b79593f4b0f5d798eda37d3

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-7e1"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2017
x-amz-cf-id: CgsLxGPbSUUFu15PfEgcu4B5qXoCNdvK4vmbTTU8qBo0zQaHNoAPbA==

GET
H2 200 icon-gender-female.png
ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/ 2 KB
2 KB 46ms
46ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/icon-gender-female.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c4ec3b1b2b37ecc8f6b7cae9a626c121067d23589aa1ffc67977db3f756df9b0

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-8ca"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2250
x-amz-cf-id: ch3sW8TDOktZqxwF0WdfkiCNvJszg9Uoa1haoCAJxm29s3XNNxAzwQ==

GET
H2 200 terms-optin.html Show response
ca-phone13pr.lp.ohyousweeps.com/directives/ 1 KB
699 B 32ms
31ms XHR
text/html 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/directives/terms-optin.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b160140247b361529ad3f5f26446b4b6afbd72e9ff1004beb23c7d5b46c6c105

Request headers

Accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:52 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"661e8278-440"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: 98DEKGrH1pkmyfj6M_rzzPjxNrOF0CDSIdq0CPd-7ke-OHc21dcpWA==

GET
H2 200 icon_password.png
ca-phone13pr.lp.ohyousweeps.com/templates/vod_3/img/ 863 B
1 KB 23ms
22ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/vod_3/img/icon_password.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c09186f2f15ec5cf081385148f0e6aa5ea225a268f1fd9a48aa1a19c395de09f

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-35f"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 863
x-amz-cf-id: 6wDFrv3LyGjZ5YWAmnAABgP9rSvp7HSY94N9ww1E32MwqZQP_3V6ew==

GET
H2 200 icon_email.png
ca-phone13pr.lp.ohyousweeps.com/templates/vod_3/img/ 1 KB
1 KB 26ms
26ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/vod_3/img/icon_email.png
Requested by: Host: ca-phone13pr.lp.ohyousweeps.com
URL: https://ca-phone13pr.lp.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9034554d05b1baf60532ed325d8b644e8adb1a646e02f75dc779235d34198126

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-42c"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1068
x-amz-cf-id: XP5OMGzpIiM42_sQmyhDh4VFKCOwh1g8nNxVIk9C1hlU3-beWbCR1g==

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 45ms
9ms Script
application/javascript 18.244.18.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
content-encoding: gzip
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 21:38:20 GMT
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 1206
x-amz-server-side-encryption: AES256
etag: W/"09467cbbdfbe0b4f7131476215348a19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5Wd7xMv-Z3PkRXbNr7kA-hTbPNIqpIqCdDDfuR18_yl1mporVgVOYQ==

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame D6C9 0
0 31ms
9ms Document
text/html 143.204.215.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-43.fra53.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 3016
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 29 Jul 2024 21:08:05 GMT
vary: accept-encoding
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-id: Nw1v1QaZ4jNTEEPrddHFDfdQq82JKQdhwNunTcdN3s8Qs-fXWtxhqg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 325ms
110ms XHR
application/json 34.194.182.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.194.182.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-216.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ccec83ad32a27362a3d47423413e3953ad3d01c41bcf9722e5903d4181a25115

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 204 favicon.ico
ca-phone13pr.lp.ohyousweeps.com/ 0
203 B 22ms
22ms Other
text/plain 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: G9LLNqdX9q76-iekGGQngF_1mvI6H26mz7tlGEBDENQxt3lZsFRZhQ==
x-cache: Miss from cloudfront

GET
H2 200 psfpv4_client_1.127.0_e635d15fed1bba64bcfc375a4468927b5cfd1fa83d36caf33495503752a5802d.js Show response
cdn.pushnami.com/js/exp/ 333 KB
333 KB 9ms
9ms Script
application/javascript 18.244.18.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.127.0_e635d15fed1bba64bcfc375a4468927b5cfd1fa83d36caf33495503752a5802d.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e635d15fed1bba64bcfc375a4468927b5cfd1fa83d36caf33495503752a5802d

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: NlEppi12426TRiJf4wJ7U.D8DZNlC8J6
content-encoding: utf-8
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 21:01:52 GMT
x-amz-cf-pop: FRA56-P11
age: 3391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 340495
last-modified: Mon, 15 Jul 2024 19:49:28 GMT
server: AmazonS3
etag: "59a087ecce25cfbd2bad1093afe259ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: GkwlFqtcuZ34SV7LlC1FbVl0u589cyuKXbsOiKCQxJT9NUOVBZCKmg==

GET
H2 200 trustedform-1.9.19.js Show response
cdn.trustedform.com/ 95 KB
37 KB 22ms
22ms Script
application/javascript 2600:9000:223d:d400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.19.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17222903004740.2558180467894271&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97da14e5c59cc2e91f9b195b9e47dd2910676bba1d36163eda6772177d45dfd7

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: dn36s5qnbUbedTNiHyUpxJxHKIw1ge4R
content-encoding: gzip
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 21:58:15 GMT
last-modified: Thu, 18 Jul 2024 20:05:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 9
etag: W/"f269b2b703191a28feefdf7757384ba2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Q_xTQTQFAkRWDihuT3yzEPMVI_FZVMGpWY-DBDO9ch0RCoPCnp1PqA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/ 0
159 B 236ms
232ms XHR
text/plain 34.194.182.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.19.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.194.182.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-216.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:21 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/ 0
159 B 224ms
222ms XHR
text/plain 34.194.182.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.19.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.194.182.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-216.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:21 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H3 200 1561383747_yellow-banner-en.png
im.us-imageo.com/upload/ 18 KB
0 1ms
1ms Image
image/png 172.67.190.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.us-imageo.com/upload/1561383747_yellow-banner-en.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6346556c46447018f7c3e32f9e0ee261fa5d524d60872441796a3b7f3707b1f6

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2019 13:42:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d10d343-462d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucJuEVpjTvQrvii6RcIjwWFvWlDr%2F4F5YN1fkMI0e%2FdiyI9c%2B0bybCEqaQYVsxJ4SXkaUzB15nB7a7gDcHY%2BZuc92K4hXrunGTAuwzHc3reHbD0TA9DzYZovHqHK14A51TBq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eac1e8618f7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17965

GET
H3 200 1631696591_prizeimage.png
im.eu-imageo.com/upload/ 277 KB
0 1ms
1ms Image
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.eu-imageo.com/upload/1631696591_prizeimage.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f446354159009c60de8c3fd1d5fa8a9ebeddbfdef4175f7b748400ff8566e

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:20 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 09:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6141b6cf-455d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6IGJ6kSXXtXa6ipZrp4SryKTpVVElGLzaS02RxJuijofsgdtQc36%2FDQiv7PFWMqimx%2Bm6%2Bua%2FVTaSx1jdlsVIj21P3kTzlogpvbZgEHnft9ECN8iYT92aRAwjJlQE1UIEvv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8ab05eab7a107188-FRA
alt-svc: h3=":443"; ma=86400
content-length: 284112

GET
H2 200 icon-gender-male.png
ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/ 2 KB
0 1ms
1ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/icon-gender-male.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 73b34fff24e408eff047da493bf2f26fb5f530632b79593f4b0f5d798eda37d3

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-7e1"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2017
x-amz-cf-id: CgsLxGPbSUUFu15PfEgcu4B5qXoCNdvK4vmbTTU8qBo0zQaHNoAPbA==

GET
H2 200 icon-gender-female.png
ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/ 2 KB
0 1ms
1ms Image
image/png 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-phone13pr.lp.ohyousweeps.com/templates/surfeyo_3/images/icon-gender-female.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c4ec3b1b2b37ecc8f6b7cae9a626c121067d23589aa1ffc67977db3f756df9b0

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 21:58:21 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2024 13:51:54 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "661e827a-8ca"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2250
x-amz-cf-id: ch3sW8TDOktZqxwF0WdfkiCNvJszg9Uoa1haoCAJxm29s3XNNxAzwQ==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
221 B 108ms
106ms Fetch
application/json 35.174.37.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.127.0_e635d15fed1bba64bcfc375a4468927b5cfd1fa83d36caf33495503752a5802d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.174.37.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-37-13.compute-1.amazonaws.com
Software: / Express
Resource Hash: 00329a93032d29e864f129c8382f17b76d6586faf460a6233901eda5c62ec9ea

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/octet-stream

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
x-powered-by: Express
content-length: 61
etag: W/"3d-NVdXTBzE2R2ymknIBOEnNY3esV4"
content-type: application/json; charset=utf-8

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 335ms
109ms Preflight 35.174.37.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.174.37.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-37-13.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-phone13pr.lp.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 204 events Show response
api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/ 0
159 B 111ms
109ms XHR
text/plain 34.194.182.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5dc20196beeadbe24178bcd4e264b1aa9071ca5b/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.19.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.194.182.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-216.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 277ms
275ms Fetch
text/html 35.174.37.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.174.37.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-37-13.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8

GET
H2 200 check
fpc.pushnami.com/psfp/a15f84ac-2d2c-497b-bc2e-269097ba72c9/ 0
0 324ms
110ms Fetch 54.236.212.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/a15f84ac-2d2c-497b-bc2e-269097ba72c9/check?websiteId=62a7807cf9e9090013c65cc6&psfpv4=304fef78-2e5e-50c9-bc50-ecd7d0e8594e
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.212.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-212-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ca-phone13pr.lp.ohyousweeps.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
content-length: 0
vary: Origin
x-request-id: INolFDxr6OvdkALlD0K2aAZIhV1ZVxKV

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 111ms
110ms Preflight 35.174.37.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.174.37.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-37-13.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://ca-phone13pr.lp.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:22 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 137ms
135ms Fetch
text/html 52.21.124.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.124.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-124-220.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:23 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 311ms
101ms Preflight 52.21.124.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.124.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-124-220.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://ca-phone13pr.lp.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 29 Jul 2024 21:58:23 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 104ms
102ms Fetch
text/html 52.21.124.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.124.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-124-220.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://ca-phone13pr.lp.ohyousweeps.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Jul 2024 21:58:24 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://ca-phone13pr.lp.ohyousweeps.com/#/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affslinksfirst.com
ajax.googleapis.com
api.pushnami.com
api.trustedform.com
ca-phone13pr.lp.ohyousweeps.com
cdn.pushnami.com
cdn.trustedform.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fpc.pushnami.com
im.eu-imageo.com
im.us-imageo.com
lpapi.ld-genie.com
maxcdn.bootstrapcdn.com
psp.pushnami.com
trc.pushnami.com
104.17.25.14
104.18.10.207
143.204.215.43
143.204.215.68
172.67.181.103
172.67.190.205
18.244.18.36
188.114.96.3
2600:9000:223d:d400:1c:7f1a:6680:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
34.194.182.216
35.174.37.13
52.21.124.220
52.215.242.10
54.236.212.43
65.9.66.106
00329a93032d29e864f129c8382f17b76d6586faf460a6233901eda5c62ec9ea
0de3590637f82796c112fb9667776d8cbcfe4c15ff71838159c3018d95dd68b1
16a391a8ff89a43e454c4ef6a39de00e5c5a0bee5f125792b3382e5a31c8e9ac
1e391ddb46ae506ab13f3993a6f8af22362aadddbb03e4584c845f3519711eb7
24051281c43b4638239d604bbdc49165fb45430016dd42d1112ec76a771aeae0
25babacbcf3cf55f90deb348ce32888a9321761bec53dd9c3dcd8bb3c2bedc36
3a8fc51a8e86de4d545eabc23bae9700f3d7d021e9c2b834b40b54be94d31d5f
43cc909b864265ea763bb9fc89fc789162ce43bb5054998f2c72586442326b55
45976a621181ee7fd8bf20fa6df22ba74aa4dbee43439c40f5dce33d3adfe5dc
498fe301d99911563563edc1f20bff040a0bbe6977f4cd32d0c358ff3b39ecfd
4c32347e6c21f6f049a5022d83fdf269094224e161c784f88b6d733f88d92985
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc30e23d368c5816aa4b36c989745be525f8267687fa44325df773d49e91213
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2
6346556c46447018f7c3e32f9e0ee261fa5d524d60872441796a3b7f3707b1f6
6cde2e24bb939b1286c77147eed40cc96f48e208bb127f5949975f48380ce43d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
722057e5e3a26318fa71f5be8f80ac22fddcc2e951f729f3443961657febc940
73b34fff24e408eff047da493bf2f26fb5f530632b79593f4b0f5d798eda37d3
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
7d3e17064f52b11f950a5472b280dbf379ee382d00f03ad365b495e525bf9e31
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
850512d8a9c30f414af5202b1d5fd72c873cea8ca292e711fe0abe29957fe47f
858e251745aa486a840abcd75cee65bd95d3b56b4d882c3d301bb81394ee06e6
8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2
9034554d05b1baf60532ed325d8b644e8adb1a646e02f75dc779235d34198126
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95da3176e728e04616d92fe5f50f7ace2a0e52e4f012dba748a32f7745bcbc54
97da14e5c59cc2e91f9b195b9e47dd2910676bba1d36163eda6772177d45dfd7
a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f
b160140247b361529ad3f5f26446b4b6afbd72e9ff1004beb23c7d5b46c6c105
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
bc8f446354159009c60de8c3fd1d5fa8a9ebeddbfdef4175f7b748400ff8566e
bec178028692f94f6e52c4310e6fb58da4b5dca8e168c3dd6770e7d61f065e0e
c09186f2f15ec5cf081385148f0e6aa5ea225a268f1fd9a48aa1a19c395de09f
c4ec3b1b2b37ecc8f6b7cae9a626c121067d23589aa1ffc67977db3f756df9b0
c7dfa9afb5a42ed8ed2a2e4e0cc37dfbd8892625e61197cfcc0c5a127a2d6433
ccec83ad32a27362a3d47423413e3953ad3d01c41bcf9722e5903d4181a25115
d0e423a53ff4fdc166a86dc2f409684ed5529cb951216657df7b90fc4f42723f
d35e19a200b9f7b65ca518a7cf30cfda8f4c00f62d581a741dd158f93b3ed442
db05788e5cf5e46720a37c4fbafab53adb78818840921d1146e2a96e9da8040d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e635d15fed1bba64bcfc375a4468927b5cfd1fa83d36caf33495503752a5802d
e67fb55a18d8128ec419dfd070516d112bbe08978d2685b5844b1655dd00c7d4
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ec27d9b0599096807e0703fcb249974bed533bb210038cc8158a3a08a6b9209f
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

ca-phone13pr.lp.ohyousweeps.com Open in urlscan Pro 65.9.66.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

22 %IPv6

11 Domains

17 Subdomains

19 IPs

5 Countries

1521 kBTransfer

3160 kBSize

0 Cookies

1 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ca-phone13pr.lp.ohyousweeps.com Open in urlscan Pro
65.9.66.106 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

22 %
IPv6

11
Domains

17
Subdomains

19
IPs

5
Countries

1521 kB
Transfer

3160 kB
Size

0
Cookies

73 HTTP transactions
1 data transactions