ca-drinkme.lpr.ohyousweeps.com Open in urlscan Pro
172.66.0.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ca-drinkme.lpr.ohyousweeps.com/#/?reqid=2312471389&oid=26730&a=2869&cid=582640&s1=192
Effective URL:
https://ca-drinkme.lpr.ohyousweeps.com/
Submission: On April 10 via manual (April 10th 2024, 2:06:13 pm UTC) from CA — Scanned from CA

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 59 HTTP transactions. The main IP is 172.66.0.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca-drinkme.lpr.ohyousweeps.com.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.

This is the only time ca-drinkme.lpr.ohyousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	172.66.0.96 172.66.0.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
3	104.21.24.108 104.21.24.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	44.220.109.84 44.220.109.84	14618 (AMAZON-AES) (AMAZON-AES)
2	3.162.3.78 3.162.3.78	16509 (AMAZON-02) (AMAZON-02)
2	104.21.20.14 104.21.20.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.110.3 172.64.110.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	139.45.197.253 139.45.197.253	9002 (RETN-AS) (RETN-AS)
4	172.64.111.3 172.64.111.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	10

33 172.66.0.96 (United States)

ASN13335 (CLOUDFLARENET, US)

ca-drinkme.lpr.ohyousweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.24.108 (None, )

ASN13335 (CLOUDFLARENET, US)

lpapi.ld-genie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.220.109.84 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-109-84.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-78.yul62.r.cloudfront.net

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.20.14 (None, )

ASN13335 (CLOUDFLARENET, US)

im.us-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.110.3 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.111.3 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	ohyousweeps.com ca-drinkme.lpr.ohyousweeps.com	598 KB
10	notix.io notix.io — Cisco Umbrella Rank: 13586	45 KB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 34298 cdn.trustedform.com — Cisco Umbrella Rank: 42099	37 KB
5	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 86631 event.trk-consulatu.com — Cisco Umbrella Rank: 191265	3 KB
3	ld-genie.com lpapi.ld-genie.com	12 KB
2	us-imageo.com im.us-imageo.com	825 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	964 B
59	7

	Domain	Requested by
33	ca-drinkme.lpr.ohyousweeps.com	ca-drinkme.lpr.ohyousweeps.com cdn.trustedform.com
10	notix.io	ca-drinkme.lpr.ohyousweeps.com notix.io
4	event.trk-consulatu.com	trk-consulatu.com
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	lpapi.ld-genie.com	ca-drinkme.lpr.ohyousweeps.com
2	im.us-imageo.com
2	cdn.trustedform.com	api.trustedform.com
1	trk-consulatu.com	ca-drinkme.lpr.ohyousweeps.com
1	fonts.googleapis.com	ca-drinkme.lpr.ohyousweeps.com
59	9

This site contains links to these domains. Also see Links.

Domain
ohyousweeps.com

Subject Issuer	Validity	Valid
lpr.ohyousweeps.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ld-genie.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
us-imageo.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
trk-consulatu.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
notix.io R3	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ca-drinkme.lpr.ohyousweeps.com/
Frame ID: 0C05565F0E8F00EAAC35E099051A3D49
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

59
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

1531 kB
Transfer

2749 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ohyousweeps.com/canada/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ca-drinkme.lpr.ohyousweeps.com/ 52 KB
10 KB 225ms
46ms Document
text/html 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: c0f30a4dacb48725b14e59742a7a0fe4f2016614fa71391236e56557e6765130

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 48
cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: HIT
cf-ray: 87234ba4a86754cd-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 14:06:05 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
x-nextjs-cache: HIT
x-powered-by: Next.js

GET
H2 200 1d4ce4381dd2f116.css
ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ 102 KB
17 KB 47ms
46ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/1d4ce4381dd2f116.css
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d22dd29b426b567746e06dc9fe7b47f416446351faaf77186ccb8df230eea10

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"198e1-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba508f054cd-YYZ

GET
H2 200 webpack-aa5832847b8cd712.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 6 KB
3 KB 41ms
40ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb4fe85c592d699013d9f90a391d3054232238acd104cb048da1a3a77f37466

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"1790-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba508f254cd-YYZ

GET
H2 200 framework-92a422f151f77ddb.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 138 KB
45 KB 43ms
39ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"226b9-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5190f54cd-YYZ

GET
H2 200 main-3ddcad86c0b8c094.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 124 KB
37 KB 53ms
50ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 11000
x-do-orig-status: 200
etag: W/"1ee6b-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5191054cd-YYZ

GET
H2 200 _app-e6a846649f2594b6.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/ 247 KB
75 KB 70ms
67ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-e6a846649f2594b6.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ee79bacd4b4b5c930531b56894fe8f0357ab0be15297e6dbdd2373141af6a40

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"3dc69-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5191254cd-YYZ

GET
H2 200 b637e9a5-445986cafd87aa11.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 85 KB
31 KB 70ms
68ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"152b1-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5191354cd-YYZ

GET
H2 200 4870-ffe4bae46444420d.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 357 KB
111 KB 71ms
69ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 11000
x-do-orig-status: 200
etag: W/"59508-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5191554cd-YYZ

GET
H2 200 %5Blandingpage%5D-2b918097ad9abfe0.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/landingpages/ 73 KB
18 KB 70ms
68ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-2b918097ad9abfe0.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4339b71e4e7a6bc272075e73198fd35e9a45991ebe1d9dec0b0b6a4cc6854ea1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"123f2-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5291654cd-YYZ

GET
H2 200 _buildManifest.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/TLa5M7iklNlPMmxsa6PIs/ 649 B
422 B 51ms
50ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/TLa5M7iklNlPMmxsa6PIs/_buildManifest.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6338fc4c7325bf749ea815cca9fc94dcfe5446b5f4ff27b49213631ab8589b4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"289-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5291754cd-YYZ

GET
H2 200 _ssgManifest.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/TLa5M7iklNlPMmxsa6PIs/ 119 B
153 B 50ms
49ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/TLa5M7iklNlPMmxsa6PIs/_ssgManifest.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10914
x-do-orig-status: 200
etag: W/"77-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba5291854cd-YYZ

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 144ms
57ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/1d4ce4381dd2f116.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 13:14:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 14:06:05 GMT

GET
H2 200 cb1608f2.91b2fbcd905b094c.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 63ms
62ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/cb1608f2.91b2fbcd905b094c.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd3c737bffeaef8ea072dae3ae5157db96be1d5aa11355926495b01ea348716

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10912
x-do-orig-status: 200
etag: W/"11d7-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba6cb8e54cd-YYZ

GET
H2 200 2814.600547a8c4b34b37.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 42 KB
15 KB 57ms
56ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10912
x-do-orig-status: 200
etag: W/"a81a-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba6cb9254cd-YYZ

GET
H2 200 ffcceef0bdb89207.css
ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ 1 KB
518 B 55ms
55ms Stylesheet
text/css 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10912
x-do-orig-status: 200
etag: W/"5e4-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba6cb9554cd-YYZ

GET
H2 200 4847.f5dc2b1862e6a077.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 12 KB
4 KB 49ms
48ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/4847.f5dc2b1862e6a077.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bfb9a64de40c2138e4cc89346316582449cee246b5838d61e1badc96891a8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10912
x-do-orig-status: 200
etag: W/"307c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba6cb9654cd-YYZ

GET
H2 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/ 7 KB
2 KB 310ms
240ms XHR
application/javascript 104.21.24.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-e6a846649f2594b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 41df66f0b4d297332809e2d8938fe650adde9c577268a9f2c453c2aadbeff057

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g35AYPWWMONU480CmPBKx8uGOqqbBQw7oOHtrLSQiq4mnfHP9uAiOIm6MlxFiwlZ9TYqBpo24njkmr5Yb5%2B%2BnSgSg%2FC2nzeLecz%2B2mudQzT6P8d57qIObX90ZFwmk7x5i%2BLO%2Bjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 87234ba74fb15491-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/ 162 KB
8 KB 330ms
260ms XHR
application/javascript 104.21.24.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-e6a846649f2594b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 8d10c26b877135fa40dab5327e6e906337197a47847c00ff57b42eca73582b9b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Isf4o%2Fmx1e4w8nHDUk6MCHi%2FjuRb0s3aMEGZMj2drA7TRNUajknxPSoIbdJrzTivEkgyn4jaDOV3pTKDsDSqRchfO4gEMKezarb6lf8CAOsq%2BlW%2BOAcxkh3AOI%2BjyImW05PL9X4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 87234ba74fb45491-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/ 9 KB
2 KB 308ms
239ms XHR
application/javascript 104.21.24.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-e6a846649f2594b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 08a99671824a64e16cf410ed21555b857f6df05a48f4285b4a2c37611ce050ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIbybM3vjNy8fcTcvnRrqxtSslG2P72X6dbu0pp4jKaBpbJV4OAfCbRGnTZw0Xgx6d7l5VNTfuN%2BuqyJ2teXDZMX4xeGz0ggMm5RhrUX87s4Pk0hBdgD5Lr%2FSPkoKjQwKwJNaS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 87234ba74fb35491-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 404 undefined
ca-drinkme.lpr.ohyousweeps.com/ 2 KB
809 B 331ms
330ms Other
text/html 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 64f20793fec70cd9226325d235d90f0fa698e25c9956bf8cf9a0a59576d34925

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 404
x-powered-by: Next.js
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 87234ba6ebbe54cd-YYZ

GET
H2 200 notifyAI.js Show response
ca-drinkme.lpr.ohyousweeps.com/scripts/ 532 B
354 B 158ms
158ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/scripts/notifyAI.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"214-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 87234ba6ebcb54cd-YYZ

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false

8 KB
3 KB

996ms
64ms

Script
application/javascript

3.162.3.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false
Protocol: H2
Server: 3.162.3.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-78.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Apr 2024 14:06:08 GMT
x-amz-version-id: wfT.1UDmcvoWxmr67CfqG4zKmfhVltQE
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 21:16:57 GMT
server: AmazonS3
via: 1.1 4e4d9ea09cd9de42a68977a2ab50f752.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: CWnbIaYZPe6BGh6ZjrbpHX2_Xr-R_5i9sWGZzi_njzwoBYEq35sBhw==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false
date: Wed, 10 Apr 2024 14:06:06 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H3 200 1595947721_concept_mobile.png
im.us-imageo.com/upload/ 129 KB
130 KB 561ms
467ms Other
image/png 104.21.20.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://im.us-imageo.com/upload/1595947721_concept_mobile.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.20.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df7b282c0dada7821a77a888e2762c3ab3c20d21f4d368ef2d90a2e9f3af81cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Jul 2020 14:48:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f203ac9-205c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5g3BDPY%2FgQsgFYlG%2FjmtVP6WvA5LGRT2klmLXbRCEkM8Sng3E10a%2B7GeIpfIbjU69myU5K3GRfemcwjcCc%2BkofzvCnkE%2BqUHfvzweCEMFGoHv%2FQNdt4iwnyTlNKeFiZMdWeX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 87234ba7881ea1e7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 132547

GET
H2 200 notix.js Show response
ca-drinkme.lpr.ohyousweeps.com/scripts/ 257 B
247 B 156ms
155ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/scripts/notix.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"101-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 87234ba6fbe554cd-YYZ

GET
H2 200 3641.676a155c3cf970bf.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 3 KB
2 KB 44ms
44ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/3641.676a155c3cf970bf.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d78a1c01592c16be47c51664abcd99cb6070b5c71c2e51e4cd82304d04eeb88

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"bc2-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba74c3354cd-YYZ

GET
H2 200 6384.91a9fc33a5c0640c.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 42ms
42ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/6384.91a9fc33a5c0640c.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6186e89f6be1d5a79c1333ea1eb3060461d2a8d12e67d5d9cfcdee0fea8bda5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"1139-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba74c3454cd-YYZ

GET
H2 200 4923.759d252eb2005761.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 7 KB
3 KB 66ms
66ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/4923.759d252eb2005761.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a972b46c9e0fff510716826ae7b4f113cd50d9b25fb66bee16e415c9be77cdba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"1d23-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba74c3654cd-YYZ

GET
H2 200 8910.a14c5ff2f5f3bf45.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 1 KB
840 B 58ms
58ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/8910.a14c5ff2f5f3bf45.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"483-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba74c3854cd-YYZ

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 9 KB
9 KB 50ms
49ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=75

Requested by

Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10998
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234ba74c3a54cd-YYZ

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 82 KB
82 KB 62ms
62ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1595947712_concept_web.png&w=640&q=75

Requested by

Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9921fe5f5032ffce9795c565b3a6666308d0a9c88763e03ff5bfd298b4a241

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10998
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="1595947712_concept_web.webp"
content-length: 83524
server: cloudflare
etag: nZkh-l9QMv-Ol5XFZbOmZmMI0KnIh2PgP-W-0pi0okE=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234ba74c3c54cd-YYZ

GET
H3 200 1595425343_bg_conceptcoca.png
im.us-imageo.com/upload/ 695 KB
695 KB 109ms
67ms Image
image/png 104.21.20.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.us-imageo.com/upload/1595425343_bg_conceptcoca.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.20.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d5f457eadf8532d5cff3724acbfe127b1b19b734badaf854d8c21a02455bc9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3422
alt-svc: h3=":443"; ma=86400
content-length: 711440
last-modified: Wed, 22 Jul 2020 13:42:23 GMT
server: cloudflare
etag: "5f18423f-adb10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt%2F3IyZLqxRMwNOTxzEFRJ%2F6gdmZTCaTiFxxVtjXUmk0t8ZsELYTfHKgekFFt6jgj4jn%2BH2118j7aHthmKcVLL1GTJ9GiH8fOdiiL5mBSt%2BJbzztE%2FAY5Q2tsn3BcMgjvt1b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 87234ba78824a1e7-YYZ

GET
H2 200 eafabf029ad39a43-s.p.woff2
ca-drinkme.lpr.ohyousweeps.com/_next/static/media/ 8 KB
8 KB 43ms
43ms Font
font/woff2 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/media/eafabf029ad39a43-s.p.woff2
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Origin: https://ca-drinkme.lpr.ohyousweeps.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10910
x-do-orig-status: 200
etag: W/"1edc-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 87234ba74c3e54cd-YYZ
content-length: 7900

GET
H2 200 b957ea75a84b6ea7-s.p.woff2
ca-drinkme.lpr.ohyousweeps.com/_next/static/media/ 8 KB
8 KB 38ms
38ms Font
font/woff2 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/media/b957ea75a84b6ea7-s.p.woff2
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/css/ffcceef0bdb89207.css
Origin: https://ca-drinkme.lpr.ohyousweeps.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:05 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10910
x-do-orig-status: 200
etag: W/"1ea8-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 87234ba74c4c54cd-YYZ
content-length: 7848

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 9 KB
9 KB 43ms
43ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=75

Requested by

Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10998
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234ba78c9954cd-YYZ

GET
H2 200 7569.5bfd0b15aaab6307.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 13 KB
4 KB 66ms
66ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/7569.5bfd0b15aaab6307.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc9221eb8793451fc3da88ed11057572176a8523db857638af0d24b21de2dbd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"32d9-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba7bcde54cd-YYZ

GET
H2 200 2273.3770f82f7cbee1eb.js Show response
ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 51ms
51ms Script
application/javascript 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/2273.3770f82f7cbee1eb.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/_next/static/chunks/webpack-aa5832847b8cd712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242adb7814a99d768b1958248d31f205bc26d41784cc2eedc564271ce7d7d981

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10911
x-do-orig-status: 200
etag: W/"1030-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 87234ba7bce154cd-YYZ

GET
H3 200 z0grz0mex9 Show response
trk-consulatu.com/scripts/push/script/ 7 KB
3 KB 203ms
45ms Script
application/javascript 172.64.110.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-drinkme.lpr.ohyousweeps.com&alturl=/

Requested by

Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/scripts/notifyAI.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.110.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c818c62a7dddeae3cf6684f3df661970792a13a0f56b9ff20c47275199aa210f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3686
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Apr 2024 13:04:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6v9Z32zguDxylI%2BI2F81TMLL3yAw0N8IlR8cSeOe3XNSWeaNtxv65aIrhhZYEj%2Fm6RW78OzlNr%2B8mEX0Lct%2FdK1yIgY%2FKgAsaKNFZAjmkRcmO9%2FQ9t%2B8Yx4cJ4vebV%2FqhzDrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 87234ba8fe4d436c-EWR
expires: 0

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 142 KB
43 KB 1850ms
229ms Script
application/javascript 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: ca-drinkme.lpr.ohyousweeps.com
URL: https://ca-drinkme.lpr.ohyousweeps.com/scripts/notix.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 14:06:07 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:17:38 GMT
server: nginx
etag: W/"65f18b52-2380d"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 156 B
319 B 36ms
35ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=%2Fimages%2FgreaterThan.png&w=16&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9db286fe51de8324ee88339a4f87e929f5670ca9d0a79471ae50ade6083f896

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:06 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 48
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="greaterThan.webp"
content-length: 156
server: cloudflare
etag: ydsob+Ud6DJO6IM5pPh+kp9WcMqdCnlHGuUK3mCD+JY=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=60, must-revalidate
accept-ranges: bytes
cf-ray: 87234ba83d7954cd-YYZ

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 55ms
55ms Fetch 172.64.111.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-drinkme.lpr.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.111.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Wed, 10 Apr 2024 14:06:07 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lcj5na%2BkL%2FDpS%2BvNPYMkLNPTxwxS2dJTU8rLJKY5T66%2BTMNstOH%2BBP%2BFniNtH0g84RmTJWCVp0tA2ue5nTvFDW%2FpGRZtyCYemIMcMSF2CjhC6VVLE6dJ5U2KZg8NYXBl9RLiv9eJbqRRTw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 87234baf9bad4267-EWR
x-pushplatformapp-params

OPTIONS
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 469ms
54ms Preflight 172.64.111.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.111.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87234baf3b304267-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Wed, 10 Apr 2024 14:06:07 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JjOrjz9xzumKWE%2BU8hTXh4k2Le%2BrLCiRMNsSfzNES5anfVIaplLg8gfxcRaaQDuxOorDv7zmy0kcgRpephpYCSYf8b06t7TKtXCDjMXYvssWCQs0Y%2Fz9%2B9767G1GcJjCj6x1chRtP1Z3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 124ms
43ms XHR
application/json 44.220.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.220.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-220-109-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ce6e30cee80b4e35065ab0e67bcccfe7dce3ce450b2afb7c6c6dda44f95060fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 14:06:07 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.9.4.js Show response
cdn.trustedform.com/ 84 KB
33 KB 38ms
38ms Script
application/javascript 3.162.3.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17127579658960.9822687067229354&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-78.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 99pp4qPmo76AUtojH7nmQZ_9ll2PZAe4
content-encoding: gzip
via: 1.1 4e4d9ea09cd9de42a68977a2ab50f752.cloudfront.net (CloudFront)
date: Wed, 10 Apr 2024 14:05:52 GMT
last-modified: Thu, 28 Mar 2024 21:16:58 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 24
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XzBZsVD-zzcnfF3MFCF8jaQNwWKxwdJcSX-N0xnabwkufuxiAPklFw==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/a27cfb86c2e0b08c9000ee4b4d4db7c40d99a041/ 0
159 B 43ms
43ms XHR
text/plain 44.220.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/a27cfb86c2e0b08c9000ee4b4d4db7c40d99a041/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.220.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-220-109-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 10 Apr 2024 14:06:07 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 9 KB
9 KB 42ms
41ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:07 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 11000
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234bb22b9b54cd-YYZ

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 82 KB
82 KB 36ms
35ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1595947712_concept_web.png&w=640&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9921fe5f5032ffce9795c565b3a6666308d0a9c88763e03ff5bfd298b4a241

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:07 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 11000
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="1595947712_concept_web.webp"
content-length: 83524
server: cloudflare
etag: nZkh-l9QMv-Ol5XFZbOmZmMI0KnIh2PgP-W-0pi0okE=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234bb22b9d54cd-YYZ

GET
H2 200 image
ca-drinkme.lpr.ohyousweeps.com/_next/ 9 KB
9 KB 49ms
49ms Image
image/webp 172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-drinkme.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:07 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: HIT
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
age: 10999
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87234bb22ba054cd-YYZ

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/a27cfb86c2e0b08c9000ee4b4d4db7c40d99a041/ 0
159 B 45ms
45ms XHR
text/plain 44.220.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/a27cfb86c2e0b08c9000ee4b4d4db7c40d99a041/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.220.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-220-109-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 10 Apr 2024 14:06:07 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 settings Show response
notix.io/ 106 B
371 B 118ms
118ms Fetch
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0&ver=0.16.4

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:06:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 106

POST
H2 200 event
notix.io/ 15 B
279 B 116ms
115ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Apr 2024 14:06:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 594ms
114ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 10 Apr 2024 14:06:08 GMT
server: nginx

OPTIONS
H2 200 event
notix.io/ 0
0 473ms
115ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 10 Apr 2024 14:06:08 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
279 B 117ms
115ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Apr 2024 14:06:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

POST
H2 200 event
notix.io/ 15 B
279 B 117ms
116ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Apr 2024 14:06:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 472ms
115ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 10 Apr 2024 14:06:08 GMT
server: nginx

OPTIONS
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 55ms
54ms Preflight 172.64.111.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.111.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87234bbaa9d54267-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Wed, 10 Apr 2024 14:06:09 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9e8ypH%2FuLvQ03s100hN%2F4ej1YFkCbRAD4MrfsHLiIxhWUYGLr%2Ff%2FFHpoPQ1bsxDFYlwu3WuymZ0Crm688pOBU2kqF9AxhD01GppSlwYHIhCUcHwaqV8EJ4KOVIt01QV1HTtBAb%2Fj9eMrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 55ms
55ms Fetch 172.64.111.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-drinkme.lpr.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.111.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Wed, 10 Apr 2024 14:06:09 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ypq79rDTpR1%2F7JJaAxTVQWW89tpAUNv3oy%2Fd7o3F9%2B%2BzY2vV7KuJCevawtjXdH54rd7fp7nAam0mgkmymszRtKa%2BSHAHJtfM155so4rNIKYVMIgb0DXXcj9qxl2EGtkVmeV8FCozFIvybA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 87234bbafa434267-EWR
x-pushplatformapp-params

POST
H2 200 event
notix.io/ 15 B
279 B 116ms
115ms Ping
application/json 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ca-drinkme.lpr.ohyousweeps.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Apr 2024 14:06:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 115ms
114ms Preflight
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-drinkme.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-drinkme.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 10 Apr 2024 14:06:10 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ca-drinkme.lpr.ohyousweeps.com/	1970-01-20 19:45:59	Name: __cf_bm Value: reRh7Z4gHT07CKyBEnKg7ZhcqloZVLG5tYn4Vo0Yx9I-1712757967-1.0.1.1-KIUxMTeD5APv_F5ToTzS7h4jAzWItBdlZJr5zEgl_qU.1oAzjtdhE7WfKwMGt5jHgwXd1tCYptXOeGqHX6uSMg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ca-drinkme.lpr.ohyousweeps.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://ca-drinkme.lpr.ohyousweeps.com/#/?reqid=2312471389&oid=26730&a=2869&cid=582640&s1=192 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
ca-drinkme.lpr.ohyousweeps.com
cdn.trustedform.com
event.trk-consulatu.com
fonts.googleapis.com
im.us-imageo.com
lpapi.ld-genie.com
notix.io
trk-consulatu.com
104.21.20.14
104.21.24.108
139.45.197.253
172.253.122.95
172.64.110.3
172.64.111.3
172.66.0.96
3.162.3.78
44.220.109.84
08a99671824a64e16cf410ed21555b857f6df05a48f4285b4a2c37611ce050ce
1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
1bd3c737bffeaef8ea072dae3ae5157db96be1d5aa11355926495b01ea348716
242adb7814a99d768b1958248d31f205bc26d41784cc2eedc564271ce7d7d981
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
41df66f0b4d297332809e2d8938fe650adde9c577268a9f2c453c2aadbeff057
4339b71e4e7a6bc272075e73198fd35e9a45991ebe1d9dec0b0b6a4cc6854ea1
4ee79bacd4b4b5c930531b56894fe8f0357ab0be15297e6dbdd2373141af6a40
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
53bfb9a64de40c2138e4cc89346316582449cee246b5838d61e1badc96891a8a
64f20793fec70cd9226325d235d90f0fa698e25c9956bf8cf9a0a59576d34925
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
6d78a1c01592c16be47c51664abcd99cb6070b5c71c2e51e4cd82304d04eeb88
77d5f457eadf8532d5cff3724acbfe127b1b19b734badaf854d8c21a02455bc9
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
8d10c26b877135fa40dab5327e6e906337197a47847c00ff57b42eca73582b9b
9d22dd29b426b567746e06dc9fe7b47f416446351faaf77186ccb8df230eea10
9d9921fe5f5032ffce9795c565b3a6666308d0a9c88763e03ff5bfd298b4a241
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
a972b46c9e0fff510716826ae7b4f113cd50d9b25fb66bee16e415c9be77cdba
b6338fc4c7325bf749ea815cca9fc94dcfe5446b5f4ff27b49213631ab8589b4
bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2
beb4fe85c592d699013d9f90a391d3054232238acd104cb048da1a3a77f37466
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
c0f30a4dacb48725b14e59742a7a0fe4f2016614fa71391236e56557e6765130
c6186e89f6be1d5a79c1333ea1eb3060461d2a8d12e67d5d9cfcdee0fea8bda5
c818c62a7dddeae3cf6684f3df661970792a13a0f56b9ff20c47275199aa210f
c9db286fe51de8324ee88339a4f87e929f5670ca9d0a79471ae50ade6083f896
cc9221eb8793451fc3da88ed11057572176a8523db857638af0d24b21de2dbd3
ce6e30cee80b4e35065ab0e67bcccfe7dce3ce450b2afb7c6c6dda44f95060fd
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e
df7b282c0dada7821a77a888e2762c3ab3c20d21f4d368ef2d90a2e9f3af81cd
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

ca-drinkme.lpr.ohyousweeps.com Open in urlscan Pro 172.66.0.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

0 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

1531 kBTransfer

2749 kBSize

1 Cookies

1 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ca-drinkme.lpr.ohyousweeps.com Open in urlscan Pro
172.66.0.96 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

1531 kB
Transfer

2749 kB
Size

1
Cookies

59 HTTP transactions
1 data transactions