usa-pamgifbskt.yousweeps.com Open in urlscan Pro
2606:4700:3035::ac43:9f41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usa-pamgifbskt.yousweeps.com/
Submission: On January 18 via manual (January 18th 2022, 2:52:43 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3035::ac43:9f41, located in United States and belongs to CLOUDFLARENET, US. The main domain is usa-pamgifbskt.yousweeps.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time usa-pamgifbskt.yousweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3035::ac43:9f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:5598	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3030::6815:1dac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:9525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	54.80.208.120 54.80.208.120	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:f800:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	34.250.58.61 34.250.58.61	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:50bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.172.138.183 54.172.138.183	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.206.169 52.222.206.169	16509 (AMAZON-02) (AMAZON-02)
1	54.83.117.76 54.83.117.76	14618 (AMAZON-AES) (AMAZON-AES)
72	17

27 2606:4700:3035::ac43:9f41 (United States)

ASN13335 (CLOUDFLARENET, US)

usa-pamgifbskt.yousweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:5598 (United States)

ASN13335 (CLOUDFLARENET, US)

app.superpush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3030::6815:1dac (United States)

ASN13335 (CLOUDFLARENET, US)

lpapi.d-promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
im.d-promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9525 (United States)

ASN13335 (CLOUDFLARENET, US)

apidata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.80.208.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-208-120.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:f800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.58.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-58-61.eu-west-1.compute.amazonaws.com

rdmroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:50bd (United States)

ASN13335 (CLOUDFLARENET, US)

im.zalinco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.172.138.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-138-183.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-169.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.117.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-117-76.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	yousweeps.com usa-pamgifbskt.yousweeps.com	391 KB
10	d-promo.com lpapi.d-promo.com im.d-promo.com	1 MB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 21577 cdn.trustedform.com — Cisco Umbrella Rank: 23188	36 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 13339	4 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	30 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	87 KB
3	gstatic.com fonts.gstatic.com	106 KB
3	superpush.io app.superpush.io — Cisco Umbrella Rank: 106689	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680	31 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 2181	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22663	39 KB
1	zalinco.com im.zalinco.com	14 KB
1	rdmroot.com rdmroot.com — Cisco Umbrella Rank: 912984	237 B
1	apidata.info apidata.info — Cisco Umbrella Rank: 788281	974 B
72	15

	Domain	Requested by
27	usa-pamgifbskt.yousweeps.com	usa-pamgifbskt.yousweeps.com ajax.googleapis.com cdn.trustedform.com
7	im.d-promo.com	usa-pamgifbskt.yousweeps.com cdn.trustedform.com ajax.googleapis.com
6	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	cdnjs.cloudflare.com	usa-pamgifbskt.yousweeps.com
3	fonts.gstatic.com	fonts.googleapis.com
3	lpapi.d-promo.com	usa-pamgifbskt.yousweeps.com ajax.googleapis.com
3	app.superpush.io	usa-pamgifbskt.yousweeps.com app.superpush.io
2	fonts.googleapis.com	ajax.googleapis.com usa-pamgifbskt.yousweeps.com
2	cdn.trustedform.com	usa-pamgifbskt.yousweeps.com api.trustedform.com
2	maxcdn.bootstrapcdn.com	usa-pamgifbskt.yousweeps.com
2	ajax.googleapis.com	usa-pamgifbskt.yousweeps.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	ajax.googleapis.com
1	im.zalinco.com	usa-pamgifbskt.yousweeps.com
1	rdmroot.com	ajax.googleapis.com
1	apidata.info	usa-pamgifbskt.yousweeps.com
72	18

This site contains links to these domains. Also see Links.

Domain
yousweeps.com
customercare.today

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.rdmroot.com AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://usa-pamgifbskt.yousweeps.com/
Frame ID: 56A8B5BCAA553E4E7F6B3D67B9F7B83A
Requests: 66 HTTP requests in this frame

Frame: https://lpapi.d-promo.com/click/generate/?reqid=&oid=&aid=&cid=&sid=
Frame ID: 1A58553D0E1D24F617BAFC2E2710096E
Requests: 1 HTTP requests in this frame

Frame: https://rdmroot.com/p.ashx?o=&e=1019&t=&r=
Frame ID: 1B5D211CC7E36D6BF5D4AA1427C11B9A
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: BE071ED9A2A8E8D4218266B868811D62
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: 5D57FBCCAD33CB73ACAEBC5E1F1214D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win a $100 Pampers gift basket

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

99 %
HTTPS

71 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

2084 kB
Transfer

3571 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://yousweeps.com/us/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://yousweeps.com/us/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://yousweeps.com/us/about-us/
Title: About us

Search URL Search Domain Scan URL

URL: https://yousweeps.com/sample-page/official-rules/
Title: Official Rules

Search URL Search Domain Scan URL

URL: https://yousweeps.com/us/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://yousweeps.com/us/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://customercare.today/us/
Title: Opt-out of data sale

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
usa-pamgifbskt.yousweeps.com/ 4 KB
2 KB 183ms
120ms Document
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 9e888eec174f515412b2ba4d17701da6bd6ee03d153d437fda505ea0d98c3535

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWpsB3tAKCofAb304GJY%2BP%2FHwKSoXcLHzaVIHsC2Xfnng8Fpf3wiuA%2BXH7MrbfVWZo9fU65V9MsiqcwIe9UdjT9q5uCDiK490b8UbDpp0V7iW5Ob2eiQ1Bqt9GumwHEe7Khl0bF5M1KDI3lKIOt4SzMfRhrCsl3SQgLV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf4873c8d598883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 superpushSDK.js Show response
app.superpush.io/static/ 4 KB
2 KB 127ms
38ms Script
application/javascript 2606:4700:3036::6815:5598
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.superpush.io/static/superpushSDK.js
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5823698065824032a8bbe6ffeeec153bd6b73d496c2f54094bf2e4440123dbd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Jun 2021 13:03:17 GMT
server: cloudflare
age: 3170
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrwDiL0yf8%2Bs3wWw2ZTQ8XkqSJWUOkXMHrV6t8n4Senw1ymbuFggC1%2BPzfKhNZHZMnMVrhRZr%2FctTMQ4MFYEqSu2my4rqeqYnbYKlnJQmJhnDZsMeNUzmvWyFrNjSPPluIyQwxJ8axsbMmwHyCW8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873dff7276d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-application-context: application:production:8082

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 83ms
37ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jan 2023 03:21:24 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 156 KB
56 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 09:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56572
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jan 2023 09:54:03 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 6 KB
3 KB 96ms
36ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 518340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2728
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-16e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BywDM1NMntK31irp4RnFLwF9h%2Bon5uF%2FiWUyx9fpwAMA%2F%2BMBg%2FIVovzZJ9lofkQ0NLDeKs3ZkQaWub5ggqLJciq0JBaYHfaizFhZ0O1oJNXskeS%2FYKG84Az1jJuCQNhymBYiza5OomGOTJUWKtlN1oDX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cf4873dcfbbf417-LHR
expires: Sun, 08 Jan 2023 02:52:37 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 102ms
41ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 7237905
cdn-cachedat: 2021-04-23 06:50:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a2379d074333cf4413d53f9c80127d83
cf-ray: 6cf4873dcd007515-LHR
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
5 KB 95ms
35ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5369184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4996
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMSVe54n9JMXVRtB1WTgm7FC9tFUfor4PK8YQgW27ajyDEMLJjRNRUm8MuXCZ9vRbeynwCRVmeaFI2u6QETZIU6CWKBPzuFYPxXC7EuDImZVjvp0%2FI9ivnj6t6jp13Y0Y7fHO2doT5FSRo8sbwPyUQeS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cf4873dcfbcf417-LHR
expires: Sun, 08 Jan 2023 02:52:37 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 57 KB
17 KB 99ms
39ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://usa-pamgifbskt.yousweeps.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 461433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16919
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-e5ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfojGG8e7eiwjCjZ1tT3zLmDmxA0zep8%2FPXgEZx2lnh0CFIfKt7V299f%2B7ps0314c58Tm17nynFSnL056QJKPhHwzmhe00W9XC76wlc4s%2F%2FQUaucbLYBccogLf9%2B15HBTlICisy5irw%2Fqk8n6uXxGyyf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cf4873dcfc98892-LHR
expires: Sun, 08 Jan 2023 02:52:37 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 96ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 7237905
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cf1a06d899b02e85f92a64a114be84a4
cf-ray: 6cf4873dccff7515-LHR
cdn-requestcountrycode: IN
cdn-requestpullsuccess: True

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 94ms
34ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1060699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87pH9VRYGnE9J1eucvwIAfoDZ8fwwpxVaJ%2FmYcx9afzcNZCIbta%2FlPa6Ah5f07o6%2FowdbdGTTkgfMlTx2ILELOruCEJGL5DY%2FfkX%2FwbGvgWROq9ceMYtZW8d%2B5KQis1YDLVGPmIawF3mPHJDUp%2FqVRLl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cf4873dcfb9f417-LHR
expires: Sun, 08 Jan 2023 02:52:37 GMT

GET
H2 200 / Show response
lpapi.d-promo.com/flow/getByPageName/usa-pamgifbskt/ 43 KB
5 KB 160ms
56ms Script
application/javascript 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/flow/getByPageName/usa-pamgifbskt/
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: f19e749a3aef00631a1f83451b9f309fb57f49121caea78974743310aaa0323a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7lI%2FigbGnj8NbINzBX1JJgbH8BjHxpzWPsNS%2FanVZWtagGcO0jcxNeMfbDbBkLpGIakhco%2Brp4%2FXUGFgxms%2FUzIfB3E7D7i74dI%2FRTwmLyObeNphfAXWKuYpb%2BkqeZWZCQpspdN%2FUTc0hUGeLEWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-credentials: true
cf-ray: 6cf4873e192276a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flowpage.min.js Show response
usa-pamgifbskt.yousweeps.com/js/ 781 KB
169 KB 86ms
85ms Script
application/javascript 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/js/flowpage.min.js?rel=1642147456211
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c47190daca535a441d6669a54ebbbb0dab1ded19b2371f1d948895e36d4d7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:57 GMT
server: cloudflare
etag: W/"61e12ee5-c3539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6vRTzKzWGlGM6%2BnB3Kx6BnhbKRpdIGZsY9WrgFEnWRJqMtY%2B8aQwdBc6QMd2soXMmtwAdW4RVxLdfnmTe9PpLAM9jEZx%2B3gVvNZGK%2FO8jIVXw5OwHlF1arYturwNCQLKRluBNhI8oU1%2FQHlAVHIS2GpjlFOjlYKt4cA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873d6e358883-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
apidata.info/ 809 B
974 B 237ms
56ms Script
application/javascript 2606:4700:3036::ac43:9525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apidata.info/js
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2782b8c8d8ed05abeebae68fd42bd9d3a436ca49ba78fe434530323a5abafd0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfKa8jlQxDIdBu2xEwM1iPDzlBdPKjMW%2F3zY%2FO46z3ZSax%2BmsG1aV70e6m1x%2BAd%2FmaQmTIFIIakoxB7CGQQoaayttwxjF3TcSTio5H0QvtJSMdt6DRmnqqibF1QBeDwfMl7rs6TKF309QJ0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6cf4873e8fe67702-LHR
access-control-allow-headers: X-Requested-With
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false

14 KB
6 KB

197ms
138ms

Script
application/javascript

2600:9000:223d:f800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Server: 2600:9000:223d:f800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d11c52616084d0f3f8af4e920a99dd026c7a9b6e59744faf173c30b9499b9887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 17:00:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"c6af24349b363717baef3e1ed37f4171"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-version-id: nEMFvOOmTmhkPxcpMUL_vxeoQLa1d0FL
x-amz-cf-id: EJ_tTywEZbDzp25vMY5kTbICUz1k_FtzFRIbk9IM4TYDy-_mJ4gqsw==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false
date: Tue, 18 Jan 2022 02:52:37 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

OPTIONS
H3 200 getApplicationKey
app.superpush.io/push/ Frame 0
0 77ms
46ms Preflight 2606:4700:3036::6815:5598
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.superpush.io/push/getApplicationKey?appId=29188c4e-e854-4f18-aa47-92c5c69ec789
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://usa-pamgifbskt.yousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-length: 0
access-control-allow-headers: content-type
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
access-control-allow-origin: https://usa-pamgifbskt.yousweeps.com
vary: Origin
access-control-allow-credentials: true
x-application-context: application:production:8082
access-control-allow-methods: GET,HEAD,POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDSpdXCf2KnZh8bNapzxsE%2Ft19xGfc88axPZu5N%2BtudcBt7ahjMK%2F7AVDTT30mHFsEb4jSsWBxBq%2BMlEZcwxy6nE2nOwIx1QDr1SndUYb36jE4CdijuPJQktsCkrUielKD0rTBUn6Pymc9XJ00DW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf4873f39c8755e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 getApplicationKey Show response
app.superpush.io/push/ 165 B
732 B 47ms
46ms XHR
application/json 2606:4700:3036::6815:5598
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.superpush.io/push/getApplicationKey?appId=29188c4e-e854-4f18-aa47-92c5c69ec789
Requested by: Host: app.superpush.io
URL: https://app.superpush.io/static/superpushSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe3db100f5e198a84a98d7820acf66f350ba70fbbcd0ea417e20d497f69b435

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRuFVs1Oqjr2pr69HL%2BfkgfiGcuknUJKadsROsi66XQnT2i2%2BIjJ%2BoE2FoHiDPSQ9iFJHqyKFgSOz4W5SkZOAuMa3vxnNSgzKMPFTuOe%2BngCrJRT4k5IZYCxiQxSG8ATqpLeg1n1y4RhwSPZHqaP"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usa-pamgifbskt.yousweeps.com
access-control-allow-credentials: true
cf-ray: 6cf4873f89fc755e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-application-context: application:production:8082

GET
H3 200 animations.css
usa-pamgifbskt.yousweeps.com/css/ 6 KB
1 KB 57ms
57ms Stylesheet
text/css 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/css/animations.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec27d9b0599096807e0703fcb249974bed533bb210038cc8158a3a08a6b9209f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:56 GMT
server: cloudflare
etag: W/"61e12ee4-1642"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6is95r04g3tXsnvDsChMRF1pN70SlpY4mNUMP7ze37EDDCulcD%2FN5i2lMeh%2FSVke%2FqmMMX5T8J9x8tO8%2FLzfCOFdgnDVKtxRR97hnTW8YMXCENEePubYbvbA8aEnmATToXNUakeSRwV8iUDbrzSiNzhL3yZD4gDXzQ9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873f1ccee640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 template.css
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/ 20 KB
5 KB 60ms
60ms Stylesheet
text/css 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/template.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3d2973796cb37efef46595d2323374699f79fd23b6a69de94bf83e0040e4d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: W/"61e12ee6-519d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFl5WGqx9GJfuzSbglueriQac9rHroPK0Ic0RRMJDrXpLyKx7XVuHv%2B4OVpMLsASTjmUl1HH5%2FGegz%2BptV8CUs8ZNtEIIGtkzs3HDVuEEqNdMsYc5JGnHKYVcqmZyVDiMVSV5vcQmSghUzfUgxrOqJ2xKi0p6ngCHvdF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873f1ccfe640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pikaday.css
usa-pamgifbskt.yousweeps.com/css/vendor/ 4 KB
2 KB 54ms
53ms Stylesheet
text/css 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/css/vendor/pikaday.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:56 GMT
server: cloudflare
etag: W/"61e12ee4-1144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B%2BPRWfTwwwGeDJGgYuwNxmGXjJmvJ8BuF5obfoBnkIY33zd0rTs3rNCGpGOuM1qn%2Bz9Gn0qzSqn%2B%2Fm3MgEuUKkrdtgpHX5e6pSNcO4MxPBT1n7a0KEh4ildYJi4ZlunInOFj8ogNee71kd9UEMnp8pnnEUdc1S%2Be%2BOh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873f1cd0e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 71ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af09c4a1045c825f2e421a5dbda7c284e165afebe05753d43394b97035058ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 01:11:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 02:52:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 02:52:37 GMT

GET
H3 200 preload-web.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 4 KB
2 KB 61ms
61ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/preload-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab58b4508ff9a40fa98a44aa77223754fd5de22d903c617998983ab0731ed280

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRAviArolZoUV7zndUWhexIzyPA%2BFw0I2Q66cSPoqt%2Bw4yWbP2aUSD%2BKPgWedIvrTrHFe7QM6hG%2FOxjmsXHnLz%2BDx6epnp3adKBPKQV6VBRQ5IfhHg8PqvmOpWjg024AEUZ6oCXS2Z%2FxT4SA8azWci9MLxQgOxisYr0K"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf4873f2cd5e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 config.json Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 12 B
547 B 57ms
57ms XHR
application/json 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/config.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGjSnzn%2Fdi32%2B4zWV8TmrQwDn%2FOXhoL78FzDNXN3oDJvsOefjdshX6%2B3Dx4oIQYkaHi%2F2rXgaied7ihEMCy6%2Bfuh4x4xq3x1%2FNjPDZ375qDF%2BE4tmq3IZLsRvHGvBNZZSYQ2PovbyFd7PcZIe4qcNDGmtj1TO41lcM8L"}],"group":"cf-nel","max_age":604800}
content-type: application/json
accept-ranges: bytes
cf-ray: 6cf4873f2cd6e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12

GET
H3 200 flowpage-web.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 4 KB
1 KB 59ms
59ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/flowpage-web.html?1642474357608
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f70cc319a8ff574e01a88c87345b660b62ce6ebd8ecfee610ccbe0aabcf7a5

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9ELkhuseexphXUV%2BecPjK4RaXIjCu2%2F5x3JFn2537jq87EJ8O4SQ59p8NRs98u7YFjR7Zs8vQWOprp5ETMS8IVqVwDKsuUjHyrTm6aF9EMghW3qxkY2DbcJvNuELz%2F7NuThL6xQE1B7VmbOxZ9TtEyKx9K3HePd4mit"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf4873f2cd7e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
lpapi.d-promo.com/click/generate/ Frame 1A58 4 B
566 B 82ms
47ms Document
application/json 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/click/generate/?reqid=&oid=&aid=&cid=&sid=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmeFvuF5isY4cjJyX3JLt6e4w1LaDh4tYz6ISCj0JXQppwwFtOj9%2Bd9yJ7WDWVkuy3rulJ0cE6Nw5y8%2FVi3S%2BinRBRD5gEdiwTMoPpY4KeGaiW89IwaZaepbq6ye5cdC9biZAkArqhuiz1VFtpZ6XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf4873f8ff972d0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.ashx Show response
rdmroot.com/ Frame 1B5D 2 B
237 B 143ms
49ms Document
text/plain 34.250.58.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rdmroot.com/p.ashx?o=&e=1019&t=&r=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.250.58.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-58-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/

Response headers

Cache-Control: private
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Tue, 18 Jan 2022 02:52:40 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close

GET
H2 200 css
fonts.googleapis.com/ 2 KB
580 B 31ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700

Requested by

Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/template.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 01:06:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 02:52:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 02:52:37 GMT

GET
H3 200 page-header-web.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 3 KB
1 KB 53ms
53ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/page-header-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df5c6c391d2920fad5ba73f2acf0ed4f47e96a55462209581526243ae51be066

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN5pqkComNm0%2FkqYI7OWCpjle3yNItPuVdGdjoEA9fC4IIqSi9%2BK6yd9Nhl0NV2s4O8bTWUlXhYkh42kAkzxeYokI4m9kY3JEkeTlT4iKpO7Qkv66XGj2Nlver5bO9Xkpb8zI7tLNbbR25EtDsW6u8o26rqNbLvOMfdJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf4873f8d00e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 element-left.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 1 KB
1001 B 50ms
50ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/element-left.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54489ebdaaecbbfcafcc0a8a5ea1177e6121ee0867edb7fa828aa0c913c3bda

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjln82dl76ce8wUktLpCc%2FSo8OJ%2Bh0SXRBZWTn5P9EE7KqeZvtDmkR5vcnX7A6GnSQNOV8RttrTF9Djl5EigdUOIbzj0az2%2BffS5SyKGOgkPS9YvUuHkapqFr1EQSeqdb7hROXJcWwuTy%2FKPdZL2I9G95pz8s1ACNLzT"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf4873fad0be640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 finish.png
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/ 42 KB
42 KB 78ms
78ms Image
image/png 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/finish.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65040d2ef65e8133ea99d7b16001117c9806046e6a352b75895ff8cb0ae37ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-a7aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FifLTx2oVVVfCGC0IjgRYa%2F6GdhzLZKJlRw1VAmYAG3E%2FoE12he7pK%2F45KL7kZe7BwE9ya6mDt%2Bm3x781%2BunQpZnjbbnDhUPIp10a15IrputcALH3TNndHChxhZY3%2FgJ%2FKBRcXfS6%2FOYbbycGprfvIpQ1qhzrpbeU1eu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf4873fbd0fe640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42922

GET
H3 200 deliver.png
usa-pamgifbskt.yousweeps.com/templates/productdetailer/images/ 7 KB
8 KB 52ms
51ms Image
image/png 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/productdetailer/images/deliver.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7dc7c62f2f69c766de6bc0b32c7567cfdd2a7c851df58112f5e35a5b7bf2b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-1d0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD8P9yANEpBb2y%2F0k8snyKL2PC%2BLuqxAhYeheo4fQ9RCqD6frj9f69LtDRB%2FhEyMHE4uJAiYEJ6wgaObnoyEFmcqUNG8fG6BLsPUQwgThHG6Lt2Yfo0%2BnpFAjeEBuiaFh212TZwAUCgo9TJtvgewX7BNDJyKheZDKiEE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf4873fbd10e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7436

GET
H3 200 finish-icon.png
usa-pamgifbskt.yousweeps.com/templates/productdetailer/images/ 5 KB
5 KB 60ms
60ms Image
image/png 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/productdetailer/images/finish-icon.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6137553a8a5a7f310a8a8a2e5eb3de6f6ad1257803fb1156e4dee18f38cb7bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-13a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbOWDNPRAXAUswuHOnUgo2ARVDXWbaCAyANCA%2FKarv39SoMrbu%2FT95II7d4PcZRxnkcPfzpjN7v8tKnnHRM4vG6djD0GY2XENYTLgxBwoGFZZo58aAQecQcZGHU5t73aAkHXMlrB49DJ1xUaLy%2BwPJjMxqRnsUOJc7ho"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf4873fbd12e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5031

GET
H2 200 1554279741_36467_154.png
im.d-promo.com/upload/ 376 KB
376 KB 111ms
73ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279741_36467_154.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc55ea6f351f6e50dc2a9fc23621bc8c46017cfa68b37db95b13f2e87a0d7f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 384770
last-modified: Wed, 03 Apr 2019 08:22:21 GMT
server: cloudflare
etag: "5ca46d3d-5df02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylK5IfAJ2W3CeyiHqeKxinGGSDq3u4swBW%2FGAJsFOWQ6gcpP%2Fcvzw1DS2B4lJX151IRFWvI%2BpotEG89%2BEF%2Bygsh47eGRGEUFcvSNBiz1SL416L23DydTvX6Bv%2FZ8g27numsmOJf9AL7GlDb6bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf4873ffa5876a3-LHR

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 66ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa-pamgifbskt.yousweeps.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:17:17 GMT
x-content-type-options: nosniff
age: 20120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 17 Jan 2023 21:17:17 GMT

GET
H3 200 animate.css
usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/css/ 73 KB
5 KB 80ms
80ms Stylesheet
text/css 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/css/animate.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95da3176e728e04616d92fe5f50f7ace2a0e52e4f012dba748a32f7745bcbc54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: W/"61e12ee6-1252b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYf6ExhH3NkQd4uKcRuTkppko7YqjQlEwr0syck0ac0F1uQsDAYd26G%2BlZjlcTLGd%2BRW%2BDkDgOU58WdkeRt1P6sQkcnKhi8Dr9zSUjgeYtxILRVdYZENJsnrVdcHB2GONKjDn0HYdpPnj8mSU6RMwcvASgHFgBFIzcX5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4873fed22e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %7B%7Bcms.image_3%7D%7D
usa-pamgifbskt.yousweeps.com/ 4 KB
4 KB 87ms
87ms Image
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/%7B%7Bcms.image_3%7D%7D
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItZ3EZbNz4%2FdgHJbcn%2FaW2nEogxo6ZvSX3dtt2wTBFxbOfR2fok%2B7X3uTS26%2B39TIi15QvAA689nfkSW3VzVjNbWerqzZuaLFd6LFlGTCfUkRplGN3Fq1x0WLuWbXxvUuGBKPaHI%2F4A9Io1BH8yRhhTmDGenmKpZ0PYG"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 6cf4873fed27e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
17ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa-pamgifbskt.yousweeps.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 306769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:39:48 GMT

GET
H2 200 1559724654_consumers-connect-presents_white.png
im.zalinco.com/upload/ 14 KB
14 KB 127ms
34ms Image
image/png 2606:4700:3037::6815:50bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.zalinco.com/upload/1559724654_consumers-connect-presents_white.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:50bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933b45258d24f63106a86b60d5655528779b502945af5ce29b1077eb955f64d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2946
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14059
last-modified: Wed, 05 Jun 2019 08:50:54 GMT
server: cloudflare
etag: "5cf7826e-36eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA6V06ChtWnNB43uSqG57y3lBxR7bd6qiCT9uVnGIVhAO3oV06TXJ1bR2C4g2zgOsAZqJbrLXzbw4oXhYXqh9i5sO2YOYcfydEK2n5DARVGoORius5oQNn2VrdMQTXXHj2EAI5ILucE0Bnufug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf487408a2a7695-LHR

GET
H2 200 1554277505_Rstecz1.jpg
im.d-promo.com/upload/ 27 KB
28 KB 68ms
66ms Image
image/jpeg 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554277505_Rstecz1.jpg
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a452c4cb8996154d65e61e7c952e0ac9a03a39dfb9348bce797f03593bd0287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28074
last-modified: Wed, 03 Apr 2019 07:45:06 GMT
server: cloudflare
etag: "5ca46482-6daa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwKEWOJgLh11Y1fKOAh52mywkhIiOpeTgZeUPZCEJofU0ngRDvErenQgiMoj9ZYOiaek1eyrbFZh%2FQITUH9SgbVKrc%2FEjvM08W8gQBQubvGjl2gpTGv7i9byG8y267Q7t1hZVPqtpQ30jCqLyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf4873ffa5676a3-LHR

GET
H2 200 1554279755_Pampera.png
im.d-promo.com/upload/ 37 KB
38 KB 86ms
86ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279755_Pampera.png
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6ddc4927d637be23b5f4d47c26ce79243bcd8200866e014c5454976caa98db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38372
last-modified: Wed, 03 Apr 2019 08:22:35 GMT
server: cloudflare
etag: "5ca46d4b-95e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrfLOg%2F5dYXmYSPasXWc02ZuZ9jCDUUvV1i1FGyjhpHAyHamHlHXeYj6nSYREUh26SzqTI9XTmMajAHRxMXab7YfEvfKqEcsLoYccJNoMRrslRprp%2FfOtUejKhDMDzW14RA%2BYUg0whneZWNehg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf4873ffa7a76a3-LHR

GET
H3 200 info-footer.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 443 B
723 B 48ms
47ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/info-footer.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4814d7d10ff2f9745ddb722146d5248a03ef420ac1d6306a0158a97a66bd726f

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdOzlFnYTyD9h7m75VrmUBQS90U6qTrhz1pzBgplgmH2tMNjJQp6OjEaUcYh29HBRu9D4Znn8NqefsXLNphqRpKxqnp435RZMOsQUD0Xm2KW1HqhuU1e6Z7%2F0TrllnScOZoee4fZ7tq%2Fkp5nm1cpBVH%2F3bMLlUW1J8YE"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf487416db6e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 animation-dataentry_start-web.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 1 KB
875 B 44ms
44ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/animation-dataentry_start-web.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a058edcd1565f2a25b88e901dffa892f087742ad17c5f149a536bb96c85c9e87

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKDk6E8XqHu%2BtSxHlhMFJs2USHhdY1K6rqdG9evPRXHg4fOqm1aSc9TbUatTdmcU4fj2J3mA2xx%2FmSGW6Zg8kdc7wPhCw6p11rrXBisvm2B4zEEnXTXb1dx6LYa86D%2Fz8Ob4WA%2B4RytIv9%2F%2FBIaz8u0H4I3dff3sJ9cK"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf487417db8e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 loader.gif
usa-pamgifbskt.yousweeps.com/images/ 32 KB
32 KB 56ms
55ms Image
image/gif 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/images/loader.gif
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a08170e75cc7b7e9ceec58486200df29f0345a9e3072b79a3cdb243095e7ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:57 GMT
server: cloudflare
etag: "61e12ee5-7fbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hogWY6N3Kex9OUVXX3zOnljsBqnmyUye71n5cCTw79FAd%2BuzMbYf9rxuP%2FZf0SISyBlxPwM9bUq2o35nuYXmwwyb1DkISmeNNxngrW%2BwOiZo5JiBktOB%2FDDeJ2Mw%2Ba5oL27hfQcO%2BUwcDnQqTpCS%2F9l1hrh2w28v6VbK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf48741cde8e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32701

GET
H3 200 tick_circ_anim.gif
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/ 9 KB
9 KB 50ms
49ms Image
image/gif 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/tick_circ_anim.gif
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cbed8ea368ac5b14d43cb79c277e8360a9ecfc5b4a70151f7bae2a02a50d55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-2343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu3eHAlt%2FLUzhEVPWfBgbdskZEk2%2FsOkCPSAXPnjeUJk%2FK5S2fD7rsNuu%2BP7tsgV5zgIcuLMlgFQmx%2F1DjwBAaOTDPFX%2Bb1300ShMwnKG7vf%2BQMAsrjgeLUOb3X93BGOjs258yZmsQ7UKu9KRXQz8xMp2R3fn2JRagN%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf48741cdeae640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9027

POST
H2 201 certs Show response
api.trustedform.com/ 494 B
705 B 309ms
104ms XHR
application/json 54.80.208.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.208.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-208-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 42515d05b73510e7162718507471169546e3f36577d5e4e60247e77315daeac2

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 494

GET
H2 200 trustedform-1.7.0.js Show response
cdn.trustedform.com/ 82 KB
29 KB 26ms
26ms Script
application/javascript 2600:9000:223d:f800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16424743573340.021582187113270868&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f845eebe366cd7d03014329b5aa57054ac5819e5b05173f79c95418f6d695781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: fBuICL.staGJ4CYOouIjeSK_oxlLmk7M
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 23:13:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"ab0e503defd3373f6d8dca692b22e57c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
date: Tue, 18 Jan 2022 02:52:38 GMT
x-amz-cf-id: 9Ojnn-Ag3Cy09UagmqvflMNGbgs1oRRbpoVlIIviFp3YQnhGpu0QRw==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/ 0
159 B 158ms
158ms XHR
text/plain 54.80.208.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.208.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-208-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 02:52:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H3 200 1554279755_Pampera.png
im.d-promo.com/upload/ 37 KB
38 KB 177ms
177ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279755_Pampera.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6ddc4927d637be23b5f4d47c26ce79243bcd8200866e014c5454976caa98db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38372
last-modified: Wed, 03 Apr 2019 08:22:35 GMT
server: cloudflare
etag: "5ca46d4b-95e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvLpiUOLjmdZALGzA%2B4eqHG3zLHvUORURLMcaI7yldJVaVKWCvuzatAynwE9vF7rB2Eirpz3Q8e6fkbnIDOT9Bf4GxBAaJgVO5cKznWsTkn5uTw4ods8QZ0Yih1owroMduoO1Q0v9GCS0UQaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf487449a3c72d0-LHR

GET
H3 200 1554279741_36467_154.png
im.d-promo.com/upload/ 376 KB
376 KB 66ms
65ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279741_36467_154.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc55ea6f351f6e50dc2a9fc23621bc8c46017cfa68b37db95b13f2e87a0d7f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 384770
last-modified: Wed, 03 Apr 2019 08:22:21 GMT
server: cloudflare
etag: "5ca46d3d-5df02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsHpcMRiqbwTPpFFtWeYPA5VLA8eGAsy%2B4mMqalCXWywjTF3NcSFBAeWRZHHWCKPuY%2B7TdL4Vopr2I0xJA1%2FYPx8PiX%2FgCs02SYxn65PGO30L67L6A1ZQ4G37jjBsUzwujG51LQqvDhQH5yNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf487449a3d72d0-LHR

GET
H3 200 finish.png
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/ 42 KB
42 KB 61ms
59ms Image
image/png 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/finish.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65040d2ef65e8133ea99d7b16001117c9806046e6a352b75895ff8cb0ae37ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42922
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-a7aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56iL5NdSp8a8kJIOaPE3Dc5gKVnJhuOEw%2FpraeTRFTNabKqPxRSbAVC5V8rzFre8LkWvKb83lZST3lFPJrFiOVfCQ%2BH8IMkiOsJzxSqwUicSlt8KpUHyBq5DFBiD8S2GcxJChWISKpObywqK5z%2B1kEY%2B52sAlLPz%2BFTU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cf487449f98e640-LHR

GET
H3 200 loader.gif
usa-pamgifbskt.yousweeps.com/images/ 32 KB
32 KB 34ms
33ms Image
image/gif 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/images/loader.gif
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a08170e75cc7b7e9ceec58486200df29f0345a9e3072b79a3cdb243095e7ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32701
last-modified: Fri, 14 Jan 2022 08:05:57 GMT
server: cloudflare
etag: "61e12ee5-7fbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EXbLPAqyul8y9jHCty0ezZr6%2FORtGf2cvtvpOiuYV4Lck0fJHEy6wJX7u9skFMXj1i5rHxiAc4LS%2BZmku92c7wrixmZ01%2FxPFWK6fX8D5yC0Q5CU7IsIs2%2FUidEyDR52qcJmFGdyogR5hMFd86MlzsET65ZPGt2G3ip"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cf487449f99e640-LHR

GET
H3 200 tick_circ_anim.gif
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/ 9 KB
9 KB 36ms
36ms Image
image/gif 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/images/tick_circ_anim.gif
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cbed8ea368ac5b14d43cb79c277e8360a9ecfc5b4a70151f7bae2a02a50d55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9027
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-2343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsSiNT3k8hQ1Yuskm078%2Bx%2B7Tmf7gRaSXmTNO4BOLSzjKnKm0sploGvo5VLRJdXDATTm4Q1%2FSj9dKln1ZJrMA0pYz4%2BxQBFcec%2B6HDU%2BxWaSJWZZLPjnfc3k%2Fs69lloi2VqL3%2FScmWRaXQWup%2FieFk%2FeKaki5luLym58"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cf487449f9ae640-LHR

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/ 0
159 B 197ms
197ms XHR
text/plain 54.80.208.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.208.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-208-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 02:52:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H3 200 dataentry-web.html Show response
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/ 1 KB
958 B 54ms
54ms XHR
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/dataentry-web.html?1642474359491
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818867f18d7ecd7bf43954c828d05ba3f5e06a30d6b878ac25c6c4de9fa16cc4

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMSxKmJMzuJ2GZVp7h98%2F%2BnttfgJ2wZ4CvFrAlEF9OYpZQU9NrdyPPF6KIZTzDhXiWAjhLrOQJtFY66iCNUYye8r8s8Zcj%2FbranIFLxT8ova21STv53t9JxnOUhXBrxb7fEwDi8zT7Jzm3xluiyjfz9%2FV0jmbJVD27jZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6cf4874aea3ce640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a62329fc-b047-95ca-1835-43098649ff47.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 473ms
388ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d9ce70bafa5f50f2631549e1090853aa3fb09cc030e38873bc9087042e28698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:40 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:03:14 GMT
server: cloudflare
x-amz-request-id: FK8FZAMB0PV6KN8H
etag: W/"c1b63af7a7b19a763acad8d5c8cd9bbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 6cf4874dbcbf75c3-LHR
x-amz-version-id: 5yLl2FQWzrJvU7eydGWwVP0icPOiI1rY
x-amz-id-2: ijmuwOp7AgXEzpt3RpIvwiZaazIBEDrYndTnbuFeWmF7LvzXtm/I1Aj0PsGwu0IYwBefzO02Qak=

GET
H3 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/ 256 KB
60 KB 100ms
63ms XHR
application/javascript 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: d162d56f584a6aa22a1b82851af652e4ef7c70720f839a27056c7f3544ba9464

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC0OqUL59Q%2BKMsyHHIBjZOtwvFewtnj52BuOdlmrd%2BreueQjvQGWg6LO3nTfl0t0SEHnVbOcr%2FQhEcT9o1J%2Fdz3NzFyXjhyy5TKpYIXDztZBRlQvkSUWG9UN3DEQlJnsBEDczwpHFuo3xEWI2LgDOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://usa-pamgifbskt.yousweeps.com
access-control-allow-credentials: true
cf-ray: 6cf4874d6f5888c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dataentry.css
usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/ 5 KB
2 KB 68ms
68ms Stylesheet
text/css 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/dataentry.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64bbdf09b27cf8c455a61d7ff421e22399f7080793f2d352429d82c2af502fe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: W/"61e12ee6-14eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxy3%2FFjrv3dazNk7k1uO6kF2iPEEnr5pwDuZObypB0DYkhLL52jKp3hK6qWzV458jABB6QUBg59INDDHTgCi32VbcYYtIP84dYi8Vsn82IxeQQlEF5PnlA7DiZC1FW1cLPhFPv%2FDoz9k2JVto1dlisRdmgqbpCoEGaS3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cf4874d3b36e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1554279755_Pampera.png
im.d-promo.com/upload/ 37 KB
38 KB 38ms
38ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279755_Pampera.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6ddc4927d637be23b5f4d47c26ce79243bcd8200866e014c5454976caa98db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38372
last-modified: Wed, 03 Apr 2019 08:22:35 GMT
server: cloudflare
etag: "5ca46d4b-95e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaDSebw3mm8yhqFZVxT0xGekPV3SqIJ0B1jN%2Bc7Gzm17MdVDks8cehtvWtifIMooOC9reM5%2FwjE3Y3wXIOC5aXPckceNsJnSBbjK6eRQoCv7rd%2Fl0g%2BvpijAkBILi%2BNOSggUIt24Yb9x1X2RRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf4874d3e3d72d0-LHR

GET
H3 200 1554279741_36467_154.png
im.d-promo.com/upload/ 376 KB
376 KB 34ms
33ms Image
image/png 2606:4700:3030::6815:1dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.d-promo.com/upload/1554279741_36467_154.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc55ea6f351f6e50dc2a9fc23621bc8c46017cfa68b37db95b13f2e87a0d7f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 384770
last-modified: Wed, 03 Apr 2019 08:22:21 GMT
server: cloudflare
etag: "5ca46d3d-5df02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzMmbwJxPqHPGTVnhHLBYodzacLfezL%2FqPxNlE9OzLNbyG8zvALMvOxF2pop0kw%2BEvM3N8DQk7RCuV3iiswtGquz0a5XsHmMYEhRcSM0qwRbTwYnDK3TOuFGXqr5gNULDgmoNCDPPcAZ%2BeExOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6cf4874d5e4b72d0-LHR

GET
H3 200 icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/images/ 4 KB
4 KB 106ms
105ms Image
text/html 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Jan 2022 02:52:39 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrxnKeq02fqX4lx%2B1wErTp2kdcOW%2F97tcU1avtrXOL2C7FQtzFGxD8k7%2FPtT7pbzEm49jzjkFjYVLcAE9ODzDWjmsZdsLnS63ay06bJwXn33KO4dW7KoSXw5J62cG3XcSk75tzW7TOZpvcwkTKU9TIOtVWO1Y1OGkjho"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 6cf4874d8b50e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-safe-server-en.png
usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/images/ 4 KB
5 KB 65ms
65ms Image
image/png 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_2/images/icon-safe-server-en.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa5cf393eb30425ff7614230bf655bc662664ea401fc5b2a113e0b78c8526d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:39 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:58 GMT
server: cloudflare
etag: "61e12ee6-111f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdSipLq9Ww9nw6lSmi6tO1J8G2f7Smob2J76HgRpVXXd%2BZrufB6XMYrP335FjadRgirlMj9xKw36Z6I3xA%2FXBl3Bs60FWxhNvUQBZJW%2BrRBL1MEv9T8%2B4doUKhv3i%2FoNPnC%2B016C4t0GOfK3uHlL4crf8ZzG63SRe5Xo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf4874d8b51e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4383

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 396ms
185ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=7397965b-b28c-41c8-8972-529634f0c044&_=791617145

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6c320601222594dc7f57997227dff3967b326041a4926a7cd5ffb401a404309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 02:52:40 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame BE07 3 KB
2 KB 66ms
18ms Document
text/html 52.222.206.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.206.169 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-169.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Fri, 19 Nov 2021 20:21:09 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
Date: Mon, 17 Jan 2022 20:54:12 GMT
ETag: W/"61980735-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: JygHz2vdA09NI9eEJowP9F4_nFZMm2vqcwys6NW6sg9lxsSw1L9KJg==
Age: 73632

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
621 B 104ms
103ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=7397965b-b28c-41c8-8972-529634f0c044&token=F8721D5E-6280-197D-DF68-9BBA7C51049E&_=791617146

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 02:52:40 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 105ms
104ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=7397965b-b28c-41c8-8972-529634f0c044&token=F8721D5E-6280-197D-DF68-9BBA7C51049E&_=791617147

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 02:52:40 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 5D57 4 KB
2 KB 328ms
100ms Document
text/html 54.83.117.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.117.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-117-76.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Tue, 18 Jan 2022 02:52:41 GMT
content-type: text/html
server: nginx
last-modified: Fri, 31 Dec 2021 14:51:34 GMT
etag: W/"61cf18f6-1049"
expires: Wed, 19 Jan 2022 02:52:41 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 414ms
213ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=7397965b-b28c-41c8-8972-529634f0c044&token=F8721D5E-6280-197D-DF68-9BBA7C51049E&_=791617148

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 02:52:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 5D57 0
626 B 309ms
105ms Script
text/javascript 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=F8721D5E-6280-197D-DF68-9BBA7C51049E&uuid=d11133c1843b4a9bb8061f6ea6d4245c

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F8721D5E-6280-197D-DF68-9BBA7C51049E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:41 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/ 0
159 B 312ms
111ms XHR
text/plain 54.80.208.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.208.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-208-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 02:52:41 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H2 204 events Show response
api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/ 0
159 B 103ms
103ms XHR
text/plain 54.80.208.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/1ff491ffa4a69086cbc76e1e63e6c513ffe667a1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.208.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-208-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 02:52:42 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H3 200 select-bg-dark.jpg
usa-pamgifbskt.yousweeps.com/images/ 1 KB
2 KB 50ms
49ms Image
image/jpeg 2606:4700:3035::ac43:9f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa-pamgifbskt.yousweeps.com/images/select-bg-dark.jpg
Requested by: Host: usa-pamgifbskt.yousweeps.com
URL: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40999a37bed029d5ab48ffa8665d60306003fedc5e86147f89ead41555d51f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa-pamgifbskt.yousweeps.com/templates/surfeyo_3/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 02:52:42 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jan 2022 08:05:57 GMT
server: cloudflare
etag: "61e12ee5-581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goppP8y%2F93%2BN7C0c1bp2UrZXKok%2FJAc%2BXWKn8%2FXOICW2iZlBc0107MiydpM0yhl%2BL9p7xd0gjQbg8ejP9BkRGX4JaKzkxIin%2FnjztageGd3uyuhmwhY%2FbQIaBrKBE6ghSIVfs2iI3qnB5yxYcUOuo%2FeyjngNa%2BPGJ7X9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cf4875e1af0e640-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1409

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 43ms
18ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa-pamgifbskt.yousweeps.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:03:04 GMT
x-content-type-options: nosniff
age: 564578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 14:03:04 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 105ms
105ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=7397965b-b28c-41c8-8972-529634f0c044&token=F8721D5E-6280-197D-DF68-9BBA7C51049E&_=791617149

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://usa-pamgifbskt.yousweeps.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 02:52:42 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			usa-pamgifbskt.yousweeps.com/	1969-12-31 23:59:59	Name: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47 Value: F8721D5E-6280-197D-DF68-9BBA7C51049E
			.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: d11133c1843b4a9bb8061f6ea6d4245c

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://usa-pamgifbskt.yousweeps.com/#/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
apidata.info
app.superpush.io
cdn.trustedform.com
cdnjs.cloudflare.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
im.d-promo.com
im.zalinco.com
lpapi.d-promo.com
maxcdn.bootstrapcdn.com
rdmroot.com
usa-pamgifbskt.yousweeps.com
2600:9000:223d:f800:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3030::6815:1dac
2606:4700:3035::ac43:9f41
2606:4700:3036::6815:5598
2606:4700:3036::ac43:9525
2606:4700:3037::6815:50bd
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
34.250.58.61
52.222.206.169
54.172.138.183
54.80.208.120
54.83.117.76
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
13a08170e75cc7b7e9ceec58486200df29f0345a9e3072b79a3cdb243095e7ee
1d9ce70bafa5f50f2631549e1090853aa3fb09cc030e38873bc9087042e28698
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
2782b8c8d8ed05abeebae68fd42bd9d3a436ca49ba78fe434530323a5abafd0c
42515d05b73510e7162718507471169546e3f36577d5e4e60247e77315daeac2
4814d7d10ff2f9745ddb722146d5248a03ef420ac1d6306a0158a97a66bd726f
4c47190daca535a441d6669a54ebbbb0dab1ded19b2371f1d948895e36d4d7bf
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5823698065824032a8bbe6ffeeec153bd6b73d496c2f54094bf2e4440123dbd4
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6137553a8a5a7f310a8a8a2e5eb3de6f6ad1257803fb1156e4dee18f38cb7bc1
64bbdf09b27cf8c455a61d7ff421e22399f7080793f2d352429d82c2af502fe6
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
6c320601222594dc7f57997227dff3967b326041a4926a7cd5ffb401a404309e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7a452c4cb8996154d65e61e7c952e0ac9a03a39dfb9348bce797f03593bd0287
7aa5cf393eb30425ff7614230bf655bc662664ea401fc5b2a113e0b78c8526d1
7d3d2973796cb37efef46595d2323374699f79fd23b6a69de94bf83e0040e4d2
818867f18d7ecd7bf43954c828d05ba3f5e06a30d6b878ac25c6c4de9fa16cc4
8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2
8c7dc7c62f2f69c766de6bc0b32c7567cfdd2a7c851df58112f5e35a5b7bf2b8
933b45258d24f63106a86b60d5655528779b502945af5ce29b1077eb955f64d1
95da3176e728e04616d92fe5f50f7ace2a0e52e4f012dba748a32f7745bcbc54
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9e888eec174f515412b2ba4d17701da6bd6ee03d153d437fda505ea0d98c3535
a058edcd1565f2a25b88e901dffa892f087742ad17c5f149a536bb96c85c9e87
a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f
a54489ebdaaecbbfcafcc0a8a5ea1177e6121ee0867edb7fa828aa0c913c3bda
ab58b4508ff9a40fa98a44aa77223754fd5de22d903c617998983ab0731ed280
af09c4a1045c825f2e421a5dbda7c284e165afebe05753d43394b97035058ba7
b40999a37bed029d5ab48ffa8665d60306003fedc5e86147f89ead41555d51f7
b65040d2ef65e8133ea99d7b16001117c9806046e6a352b75895ff8cb0ae37ae
bc55ea6f351f6e50dc2a9fc23621bc8c46017cfa68b37db95b13f2e87a0d7f51
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d11c52616084d0f3f8af4e920a99dd026c7a9b6e59744faf173c30b9499b9887
d162d56f584a6aa22a1b82851af652e4ef7c70720f839a27056c7f3544ba9464
d7f70cc319a8ff574e01a88c87345b660b62ce6ebd8ecfee610ccbe0aabcf7a5
dc6ddc4927d637be23b5f4d47c26ce79243bcd8200866e014c5454976caa98db
df5c6c391d2920fad5ba73f2acf0ed4f47e96a55462209581526243ae51be066
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ec27d9b0599096807e0703fcb249974bed533bb210038cc8158a3a08a6b9209f
f0cbed8ea368ac5b14d43cb79c277e8360a9ecfc5b4a70151f7bae2a02a50d55
f19e749a3aef00631a1f83451b9f309fb57f49121caea78974743310aaa0323a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f845eebe366cd7d03014329b5aa57054ac5819e5b05173f79c95418f6d695781
fbe3db100f5e198a84a98d7820acf66f350ba70fbbcd0ea417e20d497f69b435
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

usa-pamgifbskt.yousweeps.com Open in urlscan Pro 2606:4700:3035::ac43:9f41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

71 %IPv6

15 Domains

18 Subdomains

17 IPs

3 Countries

2084 kBTransfer

3571 kBSize

2 Cookies

7 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

usa-pamgifbskt.yousweeps.com Open in urlscan Pro
2606:4700:3035::ac43:9f41 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

71 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

2084 kB
Transfer

3571 kB
Size

2
Cookies

72 HTTP transactions
0 data transactions