ca-chikenfoodred.lpr.ohyousweeps.com Open in urlscan Pro
2606:4700:7::60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030
Effective URL:
https://ca-chikenfoodred.lpr.ohyousweeps.com/
Submission: On June 24 via api (June 24th 2024, 3:51:40 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 52 HTTP transactions. The main IP is 2606:4700:7::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca-chikenfoodred.lpr.ohyousweeps.com.
TLS certificate: Issued by GTS CA 1P5 on June 2nd 2024. Valid for: 3 months.

This is the only time ca-chikenfoodred.lpr.ohyousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.210.246.5 52.210.246.5	16509 (AMAZON-02) (AMAZON-02)
1 1	34.252.193.177 34.252.193.177	16509 (AMAZON-02) (AMAZON-02)
27	2606:4700:7::60 2606:4700:7::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	52.54.233.190 52.54.233.190	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:7400:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.67.181.103 172.67.181.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.227 139.45.197.227	9002 (RETN-AS) (RETN-AS)
52	9

2 52.210.246.5 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-246-5.eu-west-1.compute.amazonaws.com

frstafflinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.193.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-193-177.eu-west-1.compute.amazonaws.com

znqroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:7::60 (United States)

ASN13335 (CLOUDFLARENET, US)

ca-chikenfoodred.lpr.ohyousweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

lpapi.ld-genie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.54.233.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-233-190.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:7400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.181.103 (United States)

ASN13335 (CLOUDFLARENET, US)

im.eu-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.227 (United Kingdom)

ASN9002 (RETN-AS, GB)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ohyousweeps.com ca-chikenfoodred.lpr.ohyousweeps.com	523 KB
9	notix.io notix.io — Cisco Umbrella Rank: 25883	45 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24046 cdn.trustedform.com — Cisco Umbrella Rank: 29437	43 KB
4	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 114333 event.trk-consulatu.com — Cisco Umbrella Rank: 272081	3 KB
3	ld-genie.com lpapi.ld-genie.com	15 KB
2	eu-imageo.com im.eu-imageo.com	869 KB
2	frstafflinks.com 2 redirects frstafflinks.com	836 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	964 B
1	znqroot.com 1 redirects znqroot.com	842 B
52	9

	Domain	Requested by
27	ca-chikenfoodred.lpr.ohyousweeps.com	ca-chikenfoodred.lpr.ohyousweeps.com
9	notix.io	ca-chikenfoodred.lpr.ohyousweeps.com notix.io
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	event.trk-consulatu.com	trk-consulatu.com
3	lpapi.ld-genie.com	ca-chikenfoodred.lpr.ohyousweeps.com
2	im.eu-imageo.com
2	cdn.trustedform.com	api.trustedform.com
2	frstafflinks.com	2 redirects
1	trk-consulatu.com	ca-chikenfoodred.lpr.ohyousweeps.com
1	fonts.googleapis.com	ca-chikenfoodred.lpr.ohyousweeps.com
1	znqroot.com	1 redirects
52	11

This site contains links to these domains. Also see Links.

Domain
ohyousweeps.com

Subject Issuer	Validity	Valid
lpr.ohyousweeps.com GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
ld-genie.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
eu-imageo.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
notix.io R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Frame ID: 5CFCAB0096BC305FAA33B3BA2A288C39
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win a $100 KFC Gift card!

Page URL History Show full URLs

http://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030 HTTP 307
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030 HTTP 302
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=... HTTP 302
https://znqroot.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=... HTTP 302
https://ca-chikenfoodred.lpr.ohyousweeps.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

52
Requests

98 %
HTTPS

30 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

1509 kB
Transfer

2834 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ohyousweeps.com/canada/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030 HTTP 307
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030 HTTP 302
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=1&ckmxid=cpspc15g00018j0ju9ng HTTP 302
https://znqroot.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=1&ckmxid=cpspc15g00018j0ju9ng&ckmguid=c84f7eda-24fd-4ab8-9f7f-847d296b8cc8 HTTP 302
https://ca-chikenfoodred.lpr.ohyousweeps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ca-chikenfoodred.lpr.ohyousweeps.com/
Redirect Chain

http://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030
https://frstafflinks.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=1&ckmxid=cpspc15g00018j0ju9ng
https://znqroot.com/?a=1850&oc=37786&c=71285&m=7&s1=241845&s2=66771daa16f0cf00016b3030&ch-redir=1&ckmxid=cpspc15g00018j0ju9ng&ckmguid=c84f7eda-24fd-4ab8-9f7f-847d296b8cc8
https://ca-chikenfoodred.lpr.ohyousweeps.com/

53 KB
10 KB

540ms
92ms

Document
text/html

2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: e03ba7d7ca605b48109bbff0c1f607d86cb997f53625ab51df1077abbe4aa7b1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: MISS
cf-ray: 898de140ca5b3684-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 24 Jun 2024 15:51:33 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
x-nextjs-cache: HIT
x-powered-by: Next.js

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 235
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jun 2024 15:51:32 GMT
Location: https://ca-chikenfoodred.lpr.ohyousweeps.com/#/?reqid=2317351485&oid=31671&a=1850&cid=608414&s1=241845
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 c92405fb728e0c3f.css
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/ 114 KB
20 KB 127ms
127ms Stylesheet
text/css 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/c92405fb728e0c3f.css
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51761027c3827b6b88ec1c7e38560edbd92e1422281d5ced264dffc63ab85e09

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"1c7ae-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1417b6d3684-FRA

GET
H2 200 webpack-080081169bb57c98.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 6 KB
3 KB 114ms
114ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c56c23ceba67e0880790b2b7c90c18d8b9a15f0e12fd61c98c4964c3ffa7522

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"1840-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1417b743684-FRA

GET
H2 200 framework-92a422f151f77ddb.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 138 KB
44 KB 112ms
111ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"226b9-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1424cb93684-FRA

GET
H2 200 main-3ddcad86c0b8c094.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 124 KB
36 KB 110ms
106ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"1ee6b-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cce3684-FRA

GET
H2 200 _app-2de5a29f8259c415.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/ 305 KB
89 KB 158ms
154ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-2de5a29f8259c415.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbed4fac62181907d026fb7e4ed2e4de9f8f18239692828737e10a5f772a44d1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"4c354-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cd03684-FRA

GET
H2 200 b637e9a5-445986cafd87aa11.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 85 KB
30 KB 206ms
202ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"152b1-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cd13684-FRA

GET
H2 200 4870-ffe4bae46444420d.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 357 KB
113 KB 161ms
158ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"59508-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cd23684-FRA

GET
H2 200 %5Blandingpage%5D-93cb87ca272d168d.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/landingpages/ 88 KB
20 KB 160ms
158ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-93cb87ca272d168d.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fdce03581ff3c80e558493f365b4b65c46dacd4bdd507d9e00eefc964db4622

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"16035-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cd43684-FRA

GET
H2 200 _buildManifest.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/nZI25246WG6ARLB5NwsGf/ 649 B
420 B 204ms
202ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/nZI25246WG6ARLB5NwsGf/_buildManifest.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf07a2a6a6c1c600afbfb8739b6f2a8bea34d72756b0ae300ece18ae75a7655b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"289-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cd83684-FRA

GET
H2 200 _ssgManifest.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/nZI25246WG6ARLB5NwsGf/ 119 B
152 B 106ms
104ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/nZI25246WG6ARLB5NwsGf/_ssgManifest.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"77-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1425cdb3684-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 139ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/c92405fb728e0c3f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 14:00:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 15:51:33 GMT

GET
H2 200 cb1608f2.4b67b4d74d78a099.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 4 KB
2 KB 106ms
100ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/cb1608f2.4b67b4d74d78a099.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"f1f-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de144a80f3684-FRA

GET
H2 200 2814.600547a8c4b34b37.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 42 KB
14 KB 126ms
121ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"a81a-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de144a8143684-FRA

GET
H2 200 e8a71ef503c5cc21.css
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/ 2 KB
645 B 106ms
101ms Stylesheet
text/css 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af8fdf6bc206540ea16c7d0eb9a03faad5409b6ec70e0f3b08579a13833e0a39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"98e-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de144a80b3684-FRA

GET
H2 200 3265.90b408200e79bebb.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 12 KB
4 KB 118ms
113ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/3265.90b408200e79bebb.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6146e8d117267208f21f3e0cd443cc862b2f9610c1cbbb3b1629ef034d3bed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"3194-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de144a8163684-FRA

GET
H3 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/ 10 KB
3 KB 210ms
75ms XHR
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_questions.json/
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-2de5a29f8259c415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 69e0216cea9eb2081b3c67d8610fb56be0f59b5771a9ee3b7a1e0377322fab9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3nNwaDMgD8Jl8AQCiEYoGQAnTXfKCUA6BAKf1NduzaoHvwQeiLkwpwUush9rNIMc8NXpcPqRtgZJZGqlvUZY7iY9eIdfCoZsuEGLuk%2FOSVyTTGEatM0KnB%2FsvxiaosvUre6SsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 898de145988f1e4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/ 184 KB
10 KB 235ms
102ms XHR
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_ads.json/
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-2de5a29f8259c415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: d5ae9338c0eda9b9cb49c56fd571dc785de1d0e5a8713e5796aa1d6388bca711

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdvg6xaKfU7tDTakGd6E%2BzNJ2NCyFN0F89r7CV4yZ66XSQ9lhGnz2tCQJ7d1IYvJ2fH%2B2eGXC2v%2FKnqUmSBqpy1WBa2bWa18%2FyacC2U4sSyyLOafiNv6wxV59qDhr5k%2Bh2Ta00Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 898de145988d1e4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/ 9 KB
2 KB 214ms
83ms XHR
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.ld-genie.com/survey/getSurveyData/72_cosponsors.json/
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/pages/_app-2de5a29f8259c415.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 24fcd12d8fc82302f523acf7cd0e548d433286d7dc612856dd172b8646431243

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9L4K%2B63v9gD3nNOFsopDGWMOtgXV%2BZsRLx8nh%2BuWmQcQ7791uljOa4Z0Cpat%2F4yQWRjOL3WqZenJJ5%2FV7L1EoCSfAQXMQqLcJyYOeIOGmCsRjAmA6NZqWa7fKg%2FLb9DS3EQ2BEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
cf-ray: 898de14598871e4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 notifyAI.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/scripts/ 532 B
348 B 102ms
101ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/scripts/notifyAI.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"214-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 898de144d8523684-FRA

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false

16 KB
6 KB

287ms
165ms

Script
application/javascript

2600:9000:223d:7400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:223d:7400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 15:51:35 GMT
x-amz-version-id: USH.kGm.LW1lWf1QLkIlyNzwTMcmWmXb
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"7714c59720fe363c09fbb7ada2282741"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: BcHUa31sJkMx20x-mpGGIepRjCdk_x_NOhcA6slOHowiieos6jG80Q==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false
date: Mon, 24 Jun 2024 15:51:34 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 notix.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/scripts/ 257 B
247 B 104ms
102ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/scripts/notix.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"101-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 898de144d8633684-FRA

GET
H3 200 1674217162_1660553584_KFC_card_mobile.png
im.eu-imageo.com/upload/ 105 KB
106 KB 190ms
101ms Other
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://im.eu-imageo.com/upload/1674217162_1660553584_KFC_card_mobile.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1589befc94d07a16317c0baff8e37fee8f79f9848af5e5138e7fcaf92ed19b1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 12:19:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ca86ca-1a497"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVdKi%2FE2IVJDFBV6WWmjpVgbxeDYziWmlkSSwTx38H0LjFBshgIhLuh41vE7vhDlYsYkYy%2BwY3TM%2Bu76z84c0Byi2E5vuV48E6HTwxCqKfoM0%2BuArROrgGehjirmJrcyip7J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 898de145dc283681-FRA
alt-svc: h3=":443"; ma=86400
content-length: 107671

GET
H2 200 8910.a14c5ff2f5f3bf45.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 1 KB
780 B 117ms
115ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/8910.a14c5ff2f5f3bf45.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"483-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de14589673684-FRA

GET
H2 200 image
ca-chikenfoodred.lpr.ohyousweeps.com/_next/ 97 KB
97 KB 148ms
146ms Image
image/webp 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/image?url=https%3A%2F%2Fim.eu-imageo.com%2Fupload%2F1674217184_1660553577_KFC_card_new_web.png&w=750&q=100

Requested by

Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e675cfe82832fc4c4eb5c0bde58fa1e6cd0e0399baf3fb928148b43699466eaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: MISS
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: 5nXP6Cgy-ExOtcC95Y+h5s0OA5m68-uSgUi0NplGbq8=
vary: Accept, Accept-Encoding
content-type: image/webp
x-nextjs-cache: HIT
cache-control: public, max-age=14400, must-revalidate
content-disposition: inline; filename="1674217184_1660553577_KFC_card_new_web.webp"
accept-ranges: bytes
cf-ray: 898de14589653684-FRA
content-length: 99500

GET
H3 200 1674217168_1660306312_kfc_background_small.png
im.eu-imageo.com/upload/ 762 KB
763 KB 317ms
266ms Image
image/png 172.67.181.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.eu-imageo.com/upload/1674217168_1660306312_kfc_background_small.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc088f5e25bd449c9f0135f88f981461a6f0c84d224abe9ecfdc64b865d20ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 12:19:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ca86d1-be9d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njKn04be19irwEjcG7edMLLps%2F%2FceJwaZPUcouho3t8MVrdYhbi9Iul0RXBW5gakM07S9CbnBmrvVU70Lb%2F7AwGgggBwrL6QWNPNBtRZA%2BFRp%2FiZB5cYuC5tLqVVwP47WpeH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 898de145dc293681-FRA
alt-svc: h3=":443"; ma=86400
content-length: 780757

GET
H2 200 7f53015bcc551548-s.p.woff2
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/media/ 11 KB
11 KB 111ms
111ms Font
font/woff2 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/media/7f53015bcc551548-s.p.woff2
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"2c4c-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 898de145a9993684-FRA
content-length: 11340

GET
H2 200 782.f6281939fb84b136.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 3 KB
1 KB 144ms
144ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/782.f6281939fb84b136.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9349fa8542712ed687402839d801e01eb94029de5b68237b5d1759e11ca8dde

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"b9c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de14599843684-FRA

GET
H2 200 7569.803336c3a23c48c4.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 13 KB
4 KB 103ms
102ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/7569.803336c3a23c48c4.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"3492-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de145a9913684-FRA

GET
H2 200 4978.bcca436e9066c3b9.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 11 KB
3 KB 112ms
111ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/4978.bcca436e9066c3b9.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfc8b3b5fff5ce68774c88b8a185bd971af8455037a16476c4c34500735a8d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"2bf6-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de145a9933684-FRA

GET
H2 200 5883.43c47df5e048b5ad.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 7 KB
3 KB 101ms
100ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/5883.43c47df5e048b5ad.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a53df942874f5d8f400ae3e2d16891215341ef0416745b094d794afa0447f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"1d29-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de145a9963684-FRA

GET
H2 200 image
ca-chikenfoodred.lpr.ohyousweeps.com/_next/ 2 KB
2 KB 118ms
117ms Image
image/webp 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/image?url=%2Fimages%2FiconSafeServer%2Ficon-safe-server-en.png&w=128&q=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bede0fc788d4cf2791df98c948ec378178e4a6838e83f267f013f26c27f8599

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: MISS
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: a+3g-HiNTPJ5HfmMlI7DeBeOSmg46D8mfwE-JsJ-hZk=
vary: Accept, Accept-Encoding
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="icon-safe-server-en.webp"
accept-ranges: bytes
cf-ray: 898de145b9c23684-FRA
content-length: 2104

GET
H3 200 z0grz0mex9 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 797ms
597ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-chikenfoodred.lpr.ohyousweeps.com&alturl=/

Requested by

Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/scripts/notifyAI.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2520
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 15:51:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BWHlAF8ZAR7WVNKvyjubmV9AYpTneuFVnihYlNKoYH90FYMMIK6knPN4VdquJhc5wbIAJ0tKA%2Be2VwmJJyJX7laa4FtsTq6Tt0aBN3CqK%2FNy%2F7mbYCZlVDp3nrklu3KwmAFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 898de1491d519bf4-FRA
expires: 0

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 142 KB
43 KB 666ms
293ms Script
application/javascript 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/scripts/notix.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:17:39 GMT
server: nginx
etag: W/"65f18b53-2380d"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 4706.7dfdb27535b9ef48.js Show response
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/ 2 KB
1 KB 122ms
121ms Script
application/javascript 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/4706.7dfdb27535b9ef48.js
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/chunks/webpack-080081169bb57c98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2291844da1448941b6e56b4e1cf44ac9125c19a19aabb8404bce15880a85d074

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"749-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 898de1468ae43684-FRA

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cf62dc41c37ae213-s.p.woff2
ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/media/ 11 KB
11 KB 134ms
129ms Font
font/woff2 2606:4700:7::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/media/cf62dc41c37ae213-s.p.woff2
Requested by: Host: ca-chikenfoodred.lpr.ohyousweeps.com
URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/_next/static/css/e8a71ef503c5cc21.css
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: e02ce3e9-caf2-4aab-9da2-bb2d95e3cf0c
x-do-orig-status: 200
etag: W/"2d14-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 898de146fba53684-FRA
content-length: 11540

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 357ms
118ms XHR
application/json 52.54.233.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.233.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-233-190.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 508b6644467450d8a743f6ffb6b053461e2a8a58ab453dd102dbdcaf8659773d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 settings Show response
notix.io/ 106 B
375 B 62ms
62ms Fetch
application/json 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0&ver=0.16.4

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 106

POST
H2 200 event
notix.io/ 15 B
283 B 52ms
50ms Ping
application/json 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 140ms
49ms Preflight
text/plain 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 24 Jun 2024 15:51:34 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
283 B 54ms
53ms Ping
application/json 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

POST
H2 200 event
notix.io/ 15 B
283 B 48ms
46ms Ping
application/json 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 15:51:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 83ms
49ms Preflight
text/plain 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 24 Jun 2024 15:51:34 GMT
server: nginx

OPTIONS
H2 200 event
notix.io/ 0
0 79ms
50ms Preflight
text/plain 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 24 Jun 2024 15:51:34 GMT
server: nginx

GET
H2 200 trustedform-1.9.17.js Show response
cdn.trustedform.com/ 94 KB
36 KB 49ms
49ms Script
application/javascript 2600:9000:223d:7400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17192442938730.7353270632015716&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yPCS4iNdfsh5BqX6qtsN5d5eM3wY99Uk
content-encoding: gzip
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
date: Mon, 24 Jun 2024 15:51:11 GMT
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 24
etag: W/"8bed3069af20b4729a119828224df24b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SQle5tci71eRshpvdnBoCFuOWhoQEalvR5zqVNIzpDiun9iWN22tUw==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/ 0
159 B 166ms
165ms XHR
text/plain 52.54.233.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.233.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-233-190.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 15:51:35 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/ 0
159 B 226ms
225ms XHR
text/plain 52.54.233.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.233.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-233-190.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 15:51:35 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

OPTIONS
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 502ms
442ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 898de151db5237c8-FRA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 24 Jun 2024 15:51:36 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbDhvttcBdSLrhQtKZYjcvr8BtfmAKgODC8y5A54oGlyMfiPSrQsS4v%2FNmt17TovQumBQic%2FU8ug7CKHUkHlG51cOnuhIN0aANTlC348%2BfelmmrQZAioIblqCJZM5A6ZuP5cmdII12AL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 178ms
175ms Fetch 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-chikenfoodred.lpr.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 24 Jun 2024 15:51:36 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QC90RJ1B0mpsAS%2BZ1cPz1I6WwPSizkMWqRrLGlTRjVilmkQKA1h8rSQ9XOdsMfgF6WwWiexyABgo1mQhBFJjlg%2Bd7mDZARfS829xzkvDTeHA41F6Gn254baFuwHEW3N3nLold6UN50R4w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 898de154afa737c8-FRA
x-pushplatformapp-params

POST
H2 200 event
notix.io/ 15 B
283 B 50ms
49ms Ping
application/json 139.45.197.227
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.227 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 15:51:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ca-chikenfoodred.lpr.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

POST
H2 204 events Show response
api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/ 0
159 B 119ms
118ms XHR
text/plain 52.54.233.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/855bd37e8cd8c9d6df232abbaefd2a9a5d0702c1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.233.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-233-190.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 15:51:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H3 200 57dkwyrvdw
event.trk-consulatu.com/register/event_log/ 0
0 151ms
150ms Fetch 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/57dkwyrvdw

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/z0grz0mex9?url=ca-chikenfoodred.lpr.ohyousweeps.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ca-chikenfoodred.lpr.ohyousweeps.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 24 Jun 2024 15:51:38 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncCAG2grWQodrv2RiYl8O20DR84xpc5uaMoEDKJJPpVFQGI5M%2Brjnl4AODyc2jvKk0iqNcj7jSCjm7EqvVaLLf2uuGCMOT16jXZ8yK9qyqUtTuQpt7h3oJm3Q3x0J%2Fc%2BniFWLbxALy5A0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 898de15eac8437c8-FRA
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znqroot.com/	1969-12-31 23:59:59	Name: sid Value: lUJgV33ZZILESQ+okhys+kMcTf86EB5tw3Jz0PFkAfVRVECWh26m2Q==
.znqroot.com/	1970-01-21 07:10:04	Name: trk Value: JCKvd3fNi2ALvdSeuQ8aRUMcTf86EB5tw3Jz0PFkAfVRVECWh26m2Q==
.znqroot.com/	1970-01-20 21:36:57	Name: c31671 Value: lUJgV33ZZIIine7LDUgCnoJF2rSIDDpe6d+HA6FOiPdHPbG2aEuKfw==
.ca-chikenfoodred.lpr.ohyousweeps.com/	1970-01-20 21:34:06	Name: __cf_bm Value: 8bQ14WZ8UCxYHH1S7Zy2vUmuGE.s7kYXsUsM1LvMf.Y-1719244294-1.0.1.1-UDVpVgyKtzEwzVx6jmB0np0uLYlsRaaMPMjfGVIQ1pQ1zL97cdroJzvuMPq9VwTKmZWMILu7XiNBECMNggsqVQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://ca-chikenfoodred.lpr.ohyousweeps.com/#/?reqid=2317351485&oid=31671&a=1850&cid=608414&s1=241845 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
ca-chikenfoodred.lpr.ohyousweeps.com
cdn.trustedform.com
event.trk-consulatu.com
fonts.googleapis.com
frstafflinks.com
im.eu-imageo.com
lpapi.ld-genie.com
notix.io
trk-consulatu.com
znqroot.com
139.45.197.227
172.67.181.103
188.114.96.3
188.114.97.3
2600:9000:223d:7400:1c:7f1a:6680:93a1
2606:4700:7::60
2a00:1450:4001:829::200a
34.252.193.177
52.210.246.5
52.54.233.190
0c56c23ceba67e0880790b2b7c90c18d8b9a15f0e12fd61c98c4964c3ffa7522
0dfc8b3b5fff5ce68774c88b8a185bd971af8455037a16476c4c34500735a8d5
1462e67150facc091d6b0373d7178e59ba1d4acae61fa402a9c49b9d5df03226
1589befc94d07a16317c0baff8e37fee8f79f9848af5e5138e7fcaf92ed19b1b
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169
2291844da1448941b6e56b4e1cf44ac9125c19a19aabb8404bce15880a85d074
24fcd12d8fc82302f523acf7cd0e548d433286d7dc612856dd172b8646431243
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38
508b6644467450d8a743f6ffb6b053461e2a8a58ab453dd102dbdcaf8659773d
51761027c3827b6b88ec1c7e38560edbd92e1422281d5ced264dffc63ab85e09
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
577a4876a1a082f0b8d6fe9805b002693c159e8ccc669b7d68a472cba87784bb
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9
69e0216cea9eb2081b3c67d8610fb56be0f59b5771a9ee3b7a1e0377322fab9f
6bede0fc788d4cf2791df98c948ec378178e4a6838e83f267f013f26c27f8599
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd
6fdce03581ff3c80e558493f365b4b65c46dacd4bdd507d9e00eefc964db4622
78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
88a53df942874f5d8f400ae3e2d16891215341ef0416745b094d794afa0447f0
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
9fc088f5e25bd449c9f0135f88f981461a6f0c84d224abe9ecfdc64b865d20ef
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
af8fdf6bc206540ea16c7d0eb9a03faad5409b6ec70e0f3b08579a13833e0a39
b9349fa8542712ed687402839d801e01eb94029de5b68237b5d1759e11ca8dde
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
cf07a2a6a6c1c600afbfb8739b6f2a8bea34d72756b0ae300ece18ae75a7655b
cf6146e8d117267208f21f3e0cd443cc862b2f9610c1cbbb3b1629ef034d3bed
d5ae9338c0eda9b9cb49c56fd571dc785de1d0e5a8713e5796aa1d6388bca711
dbed4fac62181907d026fb7e4ed2e4de9f8f18239692828737e10a5f772a44d1
e03ba7d7ca605b48109bbff0c1f607d86cb997f53625ab51df1077abbe4aa7b1
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e675cfe82832fc4c4eb5c0bde58fa1e6cd0e0399baf3fb928148b43699466eaf
ec17709236c10eb00355ac73cbcac28ee3bb80d13fba70f817fcd14c4afeea10
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

ca-chikenfoodred.lpr.ohyousweeps.com Open in urlscan Pro 2606:4700:7::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

30 %IPv6

9 Domains

11 Subdomains

9 IPs

5 Countries

1509 kBTransfer

2834 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ca-chikenfoodred.lpr.ohyousweeps.com Open in urlscan Pro
2606:4700:7::60 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

30 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

1509 kB
Transfer

2834 kB
Size

4
Cookies

52 HTTP transactions
2 data transactions