Report - www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119

Report Overview

Submitted URL
www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD
IP
162.247.155.175
ASN
#30235 TWINSERVERS
Submitted
2022-09-12 19:08:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.8 kB	104.18.10.207
cdn.trustedform.com	24659	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	873 B	1.0 kB	54.230.111.91
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	5.7 kB	104.18.21.226
letscashnow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	544 B	54.217.67.12
api.trustedform.com	23021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	9.3 kB	34.197.244.247
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	746 B	142.250.74.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
create.leadid.com	14598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.6 kB	52.20.13.104
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	94 kB	142.250.74.163
fpc.pushnami.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	185 B	3.212.12.14
create.lidstatic.com	24133	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	557 B	104.22.39.182
deviceid.trueleadid.com	2097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	332 B	3.210.54.31
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	95.101.11.115
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.8 kB	54.230.245.118
api.pushnami.com	3782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	22 kB	54.230.111.75
lpapi.d-promo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	539 B	684 B	172.67.149.140
rdroot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	52.18.240.70
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
psp.pushnami.com	16030	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	15 kB	54.145.115.118
us-cashisgood.yousweeps.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	467 B	696 B	104.21.34.106
www.jamrbykn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	942 B	657 B	162.247.155.175
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.236.232.139
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	58 kB	142.250.74.106
trc.pushnami.com	3888	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	617 B	52.6.142.0
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	33 kB	104.17.25.14
im.pblinq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	16 kB	104.21.86.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	jamrbykn.com	Sinkholed
2022-09-12	medium	jamrbykn.com	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	17 B	2023-03-07	2023-08-12
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2023-08-12 15:26:27 Times Seen44 Hash 57424c9968a90e1b7daf28827aba6bbe b2e28d38d485ebe36a05fd389671dd089988d5f3 0b0d30f529e887cb2717a00aac8805d08fe709b564d796397a21c3e8c8e637c2 Loading...

	cdn.trustedform.com/trustedform-1.8.27.js	101 kB	2023-03-07	2023-03-17
Pretty URL cdn.trustedform.com/trustedform-1.8.27.js IP 54.230.111.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 2f557edcc84fd346c897a4d565e57ac0 b0d9e3bb1be35693c8fa4fbeb1fba3d74df3f651 67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458 Loading...

	deviceid.trueleadid.com/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 IP 3.210.54.31 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD	98 B	2023-03-07	2023-03-07
Pretty URL www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD IP 162.247.155.175 ASN #30235 TWINSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:22:24 Last Seen2023-03-07 15:22:24 Times Seen1 Hash 161dd4b4ddb085eba4e520628982a840 fe3c1e435dc15fd687b03b2d7b81795268e65434 26a8776e79b4f7f253f69591da7937fa008d4da0efcf0ea56bfc5ba4b866051b Loading...

	cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js	5.9 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-04-19 15:52:17 Times Seen159 Hash 1ed87cdd5af63f804fb0889392dd3917 a2cf7a550d45293d04e79128e920b5452266da8a a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	48 kB	2023-03-07	2023-03-07
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:22:24 Last Seen2023-03-07 15:22:24 Times Seen1 Hash 8685ecd66c945aa96f63e720e7b7d437 060793274d8876511230c917a57d3583cb2bb56c d1bd8f756ab4d02e685d0a4da21a311178350cbecb63e4f778cddd49dc61ee73 Loading...

	create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2	126 kB	2023-03-07	2023-12-30
Pretty URL create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2 IP 104.22.39.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-12-30 23:55:01 Times Seen54 Hash c1b63af7a7b19a763acad8d5c8cd9bbf b1ebcba41e881002a857fefa58a1e3f8fcf7d48f 1d9ce70bafa5f50f2631549e1090853aa3fb09cc030e38873bc9087042e28698 Loading...

	cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js	59 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:47 Last Seen2024-04-19 13:33:24 Times Seen1064 Hash 5c158b940513c7dc2ebd901455e9b63d f992a08c86f88b10abd35fae20d468ec52c824e6 73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7 Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	578 B	2023-03-07	2023-03-10
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-03-10 10:51:37 Times Seen1 Hash 3dfcdf2dae9823b3819126c3d0611f8a bc563598898e1e695ec0440c3a1365f2b4ec6f8b 17b203e7c782101d08ef59f3170a09080d6563b599ec1bfdef2e94572ede2c34 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false	8.1 kB	2023-03-07	2023-03-17
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false IP 34.197.244.247 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 97d91c9803cec4e7981c0f415c2c1923 ed508735ac5818f50c57414d11efd642708e54de 607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1 Loading...

	api.pushnami.com/scripts/v1/hub	2.2 kB	2023-03-07	2023-04-05
Pretty URL api.pushnami.com/scripts/v1/hub IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:18 Last Seen2023-04-05 02:09:14 Times Seen248 Hash 4f3d09e06f20622c845f37aa0ef256d1 49fe8f902accecd54149545b5ccfe345d58d4ad9 36b8028fa60ceb91035f7663de0d56ba8ff9b8d6f3c1e0b7ade9d3c13ec74807 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-19
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-19 21:53:28 Times Seen54364 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js	86 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-19 21:13:16 Times Seen7384 Hash 05e51b1db558320f1939f9789ccf5c8f c72c1735b4d903d90dd51225ebefb8c74ebbc51f 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb Loading...

	apidata.info/js	816 B	2023-03-07	2023-03-10
Pretty URL apidata.info/js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2023-03-10 10:51:37 Times Seen1 Hash 8b94aeaebcdf0be8b79897d3f6245cdf cf8e1e6546b01ac00d07119b09c70a76b35c6255 faa5e681645cf7d6f5d75ae505c2a0563f48c4781f06982f7e2c474de7612917 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 21:56:20 Times Seen36967547 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	175 B	2023-03-07	2023-08-09
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-08-09 20:18:57 Times Seen38 Hash 50d4cb9e18f90d5263dc4d9e8be0ea75 636b7bd7839b78c60a32f846f89d10418bc968f5 ec4b8dbbe570006f55975304a78143e0bf393c6c8671fb9194ffa857af5150d6 Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	21 B	2023-03-07	2023-12-29
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-12-29 09:10:02 Times Seen48 Hash d9827b843297cf975fc4490be0c72327 8fcb2f4fa93e779c474a1f12c7536b3b6a089331 0f3a6499f665b7ee41c69a76fe4ab50f56461f488caddaa977817033de62d097 Loading...

	api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7	253 kB	2023-03-07	2023-03-07
Pretty URL api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7 IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-03-07 15:22:24 Times Seen1 Hash d061352159b161db5b72ce057bea2977 cff5bac456d69201951da51fff827cb211dfc0dd aa4d2b80c7ab5ca7e020305c0128ab76addc453acc0ae2fe2ae147716de7069d Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	636 B	2023-03-07	2023-12-30
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58:16 Last Seen2023-12-30 23:54:59 Times Seen62 Hash aa282ba19977a474904c0351fcb9c78d 4402f24232292e77966db1f5cfff8dd4807c8d9b a691d0083f3bf0381bee8a92c2aaf66da05c9623ef5d28eb619f5d309fae64a5 Loading...

	us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112	105 B	2023-03-07	2024-02-05
Pretty URL us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-02-05 21:12:21 Times Seen68 Hash b4ec9fb58f2891f65ac977d5c560f024 58d4ac4f0550381fa83738fafb447c79e0d86237 e6fc206947358c9deb51fdd681605e9be6acf7167128d22330edec17718ee2ae Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js	17 kB	2023-03-07	2024-02-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-02-19 23:28:32 Times Seen238 Hash 9dc30a5f28951b5f0623ac993885a2af 5c031b6959fef792df316f42575262425a1f2bfb fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-18 12:28:01 Times Seen2526 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

	#2 Eval - b0ff4ba2bdf42f924abd36fca0e85fa7	13 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:10:13 Last Seen2024-04-14 18:47:55 Times Seen265 Hash b0ff4ba2bdf42f924abd36fca0e85fa7 32fc2eebe350d0737365eda180408156c1060b1f 4ecb5086bdca7011673e0fce3e8c3248e0291e0544e5ab5ac1e32bbbcc0d6045 Loading...

HTTP Transactions (70)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 18:44:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P0l1cO6rlQpelyV8yKBhTnPSooX_Z342CYb4S7IAOc5pKPv7RgBLuw==
Age: 1459

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 19:08:20 GMT
Connection: keep-alive

www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD

162.247.155.175

302 Found

0 B

URL HTTP/1.1
www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD
IP
162.247.155.175:0
ASN
#30235 TWINSERVERS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD HTTP/1.1
Host: www.jamrbykn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 12 Sep 2022 19:08:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
Location: https://www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1uhwWN8w2eztcAS1WycTkDHxVuaUW-Dsz84ST86HslF1ANBGTlb2SQ==
age: 42668
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 19:08:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4f7fb38d851f1f71042424c48bacbb0e
531de5708aa4ffbddfb239d71d375cd21e893e80
bd6b833a4d7bd96e1e9916ea331ea28291c33d8b0578b7478a5b13ddc259a4ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD6B833A4D7BD96E1E9916EA331EA28291C33D8B0578B7478A5B13DDC259A4EF"
Last-Modified: Mon, 12 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Tue, 13 Sep 2022 01:07:36 GMT
Date: Mon, 12 Sep 2022 19:08:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 18:56:07 GMT
Expires: Mon, 12 Sep 2022 19:52:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K5Nam-O9zEyGt8sWLoyvK6_2dk0C4bVpy4C3id9n98eHHwMppjOkkA==
Age: 733

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5309
Cache-Control: max-age=138415
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:20 GMT
Etag: "631ee896-1d7"
Expires: Wed, 14 Sep 2022 09:35:15 GMT
Last-Modified: Mon, 12 Sep 2022 08:06:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD

162.247.155.175

200 OK

138 B

URL HTTP/1.1
www.jamrbykn.com/f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD
IP
162.247.155.175:0
ASN
#30235 TWINSERVERS

File type
HTML document, ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
97675a4714cdc582c0210e6650d29f73
041724096c7fa1081be8ad64e2acd840503aff73
b6f5cf17e444f8e5951bcf6bb1db6d65c8017eb6a271d84df2191fe2f89d9bcf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f97f94190e402736acfcd0d42529a21501f8e08b-0-0-0/55119_/CntFsYumlb8JKPWkGv4g1FgYgfYohYAD HTTP/1.1
Host: www.jamrbykn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:08:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 138
Server: Apache
Set-Cookie: uid29078=881041640-20220912150820-a19b151533921ed8b292c023586fd730-; domain=jamrbykn.com; path=/; SameSite=None; Secure

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.236.232.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9iNTI3yvlKTqw+Ox90oKxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZOA/ZLy224M0hjlgrvzHZahjp0o=

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
ded84fb4c364e650d395a4bc0f0c7ebc
d087df45ead903f6c7c608bec56b811e3ab69c6c
47f9da26d05ff4ebba512685b27be9864864fd8d0ef7eae7886ec75ffdadd72d

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:08:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Sep 2022 17:22:11 GMT
ETag: "d087df45ead903f6c7c608bec56b811e3ab69c6c"
Last-Modified: Mon, 12 Sep 2022 17:22:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749aee675a06b500-OSL

letscashnow.com/?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640

54.217.67.12

302 Found

256 B

URL HTTP/1.1
letscashnow.com/?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640
IP
54.217.67.12:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
256 B (256 bytes)
Hash
7831d5695ea0cf7b1ba7b33260cd05e3
8ac30a4e27606910b34a7a416ea67d755a7fe9c2
ac14d03c2f1fb8db12f8535d28af86ae9d6b15abe89cb061d48713947cdd907d

HTTP Headers

GET /?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640 HTTP/1.1
Host: letscashnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jamrbykn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 256
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 19:08:21 GMT
Location: https://rdroot.com/?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640&ckmguid=448ff410-eeba-4832-b883-89ef04e35223
Connection: close

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
81e9a4198661e08eeb68aa766911e842
bae5844668b1d1555ba827a773c49468f9fa782c
cba111c6d1a5953c1a35d85eb1460e15f2100aeb71e85dc7cc314ae14d139ad4

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:08:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Sep 2022 17:42:07 GMT
ETag: "bae5844668b1d1555ba827a773c49468f9fa782c"
Last-Modified: Mon, 12 Sep 2022 17:42:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749aee699d4eb500-OSL

rdroot.com/?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640&ckmguid=448ff410-eeba-4832-b883-89ef04e35223

52.18.240.70

302 Found

226 B

URL HTTP/1.1
rdroot.com/?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640&ckmguid=448ff410-eeba-4832-b883-89ef04e35223
IP
52.18.240.70:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
226 B (226 bytes)
Hash
de3518e29d54dce17f1ac7239907729a
7dfe3b96ea25d006cabb04b5142b0c6d3228c09d
06ac5249cd95a76f273140e2b3b30820e88ba07e2395a981dbb3ae9af1ab1961

HTTP Headers

GET /?a=2500&oc=34077&c=66196&m=7&s1=722112&s2=881041640&ckmguid=448ff410-eeba-4832-b883-89ef04e35223 HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jamrbykn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 226
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 19:08:23 GMT
Location: https://us-cashisgood.yousweeps.com/#/?reqid=2264309202&oid=27966&a=2500&cid=564501&s1=722112
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=UfIQ8L4xDkQKm6rgxD7EmDCIQ6PNCv2F72E00xqDCkuPtrBEVTAC0w==; domain=.rdroot.com; path=/; SameSite=None; secure; HttpOnly
trk=OT3L0LwEDgf5AVkKZ9LJXzCIQ6PNCv2F72E00xqDCkuPtrBEVTAC0w==; domain=.rdroot.com; expires=Thu, 12-Sep-2024 19:08:23 GMT; path=/; SameSite=None; secure; HttpOnly
c27966=UfIQ8L4xDkTT9LF0JjD+L0KGBkEAeAHPwKNgNkmnUGcj9OjSIkVNxw==; domain=.rdroot.com; expires=Wed, 14-Sep-2022 19:08:23 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close

cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js

104.17.25.14

200 OK

2.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1253)
Size
2.7 kB (2728 bytes)
Hash
025d2eaf19c48f83eeb6368c60839484
4fa72f281c2b33fe0dece1ddf6cbe7fc2d27b18b
c740dd02a6a218bcc30200e2e1ce78b635b30907ee1f4239a21b3706d81b6a29

HTTP Headers

GET /ajax/libs/angular.js/1.5.8/angular-sanitize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 2728
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d27-16e5"
last-modified: Mon, 04 May 2020 16:04:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 736407
expires: Sat, 02 Sep 2023 19:08:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfGy8Oih9nTbzzo%2FJDNmCx1FshbeIW3MhvoDB5%2Bl7GEueVtqvx3IkyfOejs5X6tY3lQqM7cspQXWZtbHF%2FX%2FfBfGFim7dX2V2J%2BSgr5t6zA%2BG15O32hv5vROL6J3kSNTQIhBKzl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749aee6d8c19fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1641913
expires: Sat, 02 Sep 2023 19:08:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWoKteqAWELL%2Bf3QisZHi44jBIlDjcs6e29aN6kwNLS%2B5iozy%2FpQiaqPcnxm9ksWygYUA3qqnEm34vOfcHRZGkzHK0x0q1slGVbq39u7XddCh8uaqPRHl5VMH5TFApM%2BTckPGSGJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749aee6dac30fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

104.17.25.14

200 OK

5.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17117)
Size
5.0 kB (4996 bytes)
Hash
c418dbc7ffcf6d7874db7ce864797577
7b2351ed37568cb0a9edf82c5fea0a4c1b9fe161
2c571556f8548fcea79358c058c978e076a37d2053ff7e5424f30a26ddd00b68

HTTP Headers

GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13361132
expires: Sat, 02 Sep 2023 19:08:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1us3VYcdzsvt61I5SV9YZf24yTvH0C7wi6lw0c3EO4%2BZBkRAUrCN2QvGx0ywNaa6lpcaTKLS0%2FO2MNmx9R6gY1eEFTMRo93ONstYpCBz1W2bkl3pzeZDfSbyJrav%2FQz2HFdpvyoO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749aee6dbc4cfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

104.17.25.14

200 OK

17 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58823)
Size
17 kB (16919 bytes)
Hash
48342f85265e1ef95883b48352d8a901
4aca39aa1a6059cd73a3c6c8e8db6e704d5f6172
8d42979137cc37cb51593048aa96e73d7035948b75d4152fcd352052fb3c49ed

HTTP Headers

GET /ajax/libs/moment.js/2.29.1/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 16919
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7c5ca4-e5ee"
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 353806
expires: Sat, 02 Sep 2023 19:08:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBIEcn6CBEWEGIU8HOhxMlYAIwPv96SK5g1EOnrNdVsjqaiMhdnf7flcgTJXM7YAndVbYzT2%2FJRZ%2F9uDJNul2NMnfdGG54aooRwHc5mj26CDeaEOEC7mdRBd%2BVPFKg1iC5l1Lr84"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749aee6dddaa0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

142.250.74.106

200 OK

57 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (639)
Size
57 kB (56572 bytes)
Hash
16abe8134746c9d66a3436006e47a3d1
eef0f59e50cd12a6a19b2d95ea448d0dbc96672a
93fc080850df170ab2a705d758b118b030545c1b6b3240d085a477ea4dfdde9c

HTTP Headers

GET /ajax/libs/angularjs/1.5.8/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 56572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 23:39:09 GMT
expires: Sat, 09 Sep 2023 23:39:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 242953
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9d2b33675c603bfab7ef8308a9fbebe5
ce78c7256ec0b9a8641a065570f19b5997623090
7be8ba23b2d52077d8c651f8e85c1b70363b53e3235c2c55b8618b2472f9fc99

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 19:08:22 GMT
Last-Modified: Mon, 12 Sep 2022 17:31:00 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bl1i0r0V7YLITKVTbixUrvCnq9YxyNXKxGer3as7jh4oocUjTAZvMA==
Age: 5842

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 19:08:22 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 19:08:22 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 19:08:22 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 19:08:22 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 19:08:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13568 bytes)
Hash
8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 14:22:45 GMT
age: 17137
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6999 bytes)
Hash
b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 55767
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 77191
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:57:43 GMT
age: 76239
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 76362
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 57154
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false

34.197.244.247

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
81e9a4198661e08eeb68aa766911e842
bae5844668b1d1555ba827a773c49468f9fa782c
cba111c6d1a5953c1a35d85eb1460e15f2100aeb71e85dc7cc314ae14d139ad4

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:08:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Sep 2022 17:42:07 GMT
ETag: "bae5844668b1d1555ba827a773c49468f9fa782c"
Last-Modified: Mon, 12 Sep 2022 17:42:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749aee704874b500-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:53 GMT
expires: Thu, 07 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 430829
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rdroot.com/p.ashx?o=27966&e=1019&t=2264309202&r=2264309202

54.217.67.12

200 OK

2 B

URL HTTP/1.1
rdroot.com/p.ashx?o=27966&e=1019&t=2264309202&r=2264309202
IP
54.217.67.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
227dc251e1411f6b6fffcd1c30486f4d
8c71b835789865c9f242316c7ebbdc25cea35b2d
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6

HTTP Headers

GET /p.ashx?o=27966&e=1019&t=2264309202&r=2264309202 HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Mon, 12 Sep 2022 19:08:22 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:08:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png

104.21.86.26

200 OK

15 kB

URL HTTP/2
im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png
IP
104.21.86.26:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
15 kB (14995 bytes)
Hash
3303df2b6d977ee69b2e9b1e3d23e5a3
994aeaf86353c3a9b81f3afdd43129dab5f18204
b6fcc7193ef3d1a9ce468380a5e721ffb178b9ecd6613d3365a5879d122f67fa

HTTP Headers

GET /upload/1559724654_consumers-connect-presents_white.png HTTP/1.1
Host: im.pblinq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:23 GMT
content-type: image/png
content-length: 14059
last-modified: Wed, 05 Jun 2019 08:50:54 GMT
etag: "5cf7826e-36eb"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1crsuJyG7R7i6nI8vjv5sY4bod9i%2FkoBEmp5qqF9dapwUwasXT5syMy31mjDoRUaeGHKAeWi9spDjsglQ2vPDqfAKo7knq66p%2B6E9XIxaRSKvFYGOktgQV98RAxJ%2Foe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749aee73ca0cb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.trustedform.com/certs

34.197.244.247

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
c59f7562e500d3deea8db0f034a81485
b113bf9c0a8911c55852f3894c02616b0e665164
2bc4d48eaf6047389533706bc7f83d5ce13e8909e645ed0cd75732ccff868cb1

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 608
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Mon, 12 Sep 2022 19:08:23 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

fpc.pushnami.com/psfp/f6a633f2-49df-4da4-ae6e-6341f5f9a73d/check?websiteId=62a7807cf9e9090013c65cc6

3.212.12.14

200 OK

0 B

URL HTTP/2
fpc.pushnami.com/psfp/f6a633f2-49df-4da4-ae6e-6341f5f9a73d/check?websiteId=62a7807cf9e9090013c65cc6
IP
3.212.12.14:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /psfp/f6a633f2-49df-4da4-ae6e-6341f5f9a73d/check?websiteId=62a7807cf9e9090013c65cc6 HTTP/1.1
Host: fpc.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:23 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin
x-request-id: uoxToU8jamPiJiCiIBgekukxFMccd7Ll
X-Firefox-Spdy: h2

api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/fingerprints

34.197.244.247

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/fingerprints
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/3b2372e2167f7383cff19bd504238508ee87659b/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 305
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/snapshot

34.197.244.247

204 No Content

6.8 kB

URL HTTP/2
api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/snapshot
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type
data
Size
6.8 kB (6793 bytes)
Hash
b229a1d0d2c32e25974c8c0f114c2ce0
6ecc5caa25e4b4217c2fe48b7fdbdee87e25ece4
81476f1085debb21f6f85094b95fcc853942fd2d39a1dc1a91306d96e5cc34e0

HTTP Headers

POST /certs/3b2372e2167f7383cff19bd504238508ee87659b/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12259
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

psp.pushnami.com/api/psp

54.145.115.118

200 OK

14 kB

URL HTTP/2
psp.pushnami.com/api/psp
IP
54.145.115.118:0
ASN
#14618 AMAZON-AES

File type
data
Size
14 kB (14477 bytes)
Hash
de7fa17255b0c73b729bae028072b7c8
ad70cf5b953d52ea30584790e72c0d8870012846
a700aa1bd25c792277c8c0e1c56cdd92f39e5887251c4825dfae5055e04e5129

HTTP Headers

POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
key: 62a7807cf9e9090013c65cc7
Origin: https://us-cashisgood.yousweeps.com
Content-Length: 46
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:23 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us-cashisgood.yousweeps.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

trc.pushnami.com/api/push/track

52.6.142.0

204 No Content

0 B

URL HTTP/2
trc.pushnami.com/api/push/track
IP
52.6.142.0:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://us-cashisgood.yousweeps.com/
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:23 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2

trc.pushnami.com/api/push/track

52.6.142.0

200 OK

2 B

URL HTTP/2
trc.pushnami.com/api/push/track
IP
52.6.142.0:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
key: 62a7807cf9e9090013c65cc7
Origin: https://us-cashisgood.yousweeps.com
Content-Length: 76
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:24 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2

api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events

34.197.244.247

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/3b2372e2167f7383cff19bd504238508ee87659b/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3402
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:24 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5ff3b3f85df72de354852671a26e4520
afd3c0d16e3557d0c464a5d0de64b449f37c4a74
9465312057a7e50d8c4ddb03964a8a87a004d35ac753083a11e923443111221b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 19:08:26 GMT
Last-Modified: Mon, 12 Sep 2022 18:17:47 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7-RKNYzBX1oqrVKiEIKeP7xbOclXFvk-ksu5x7-FXchB_8KddASGKQ==
Age: 3039

api.pushnami.com/scripts/v2/pushnami-sw/5d939f752315a90012419008

54.230.111.75

200 OK

20 kB

URL HTTP/2
api.pushnami.com/scripts/v2/pushnami-sw/5d939f752315a90012419008
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
data
Size
20 kB (20429 bytes)
Hash
b1289fd895200f902c0ba475c3281af3
3f02b5e7e1b57a5ed043b94567c92272cd967ef9
2dc49bf60f3bb71754eac025e5fac947c4e8f9ba4676cbaa18d347f788f42f25

HTTP Headers

GET /scripts/v2/pushnami-sw/5d939f752315a90012419008 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 12 Sep 2022 19:03:40 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dWXn6-EuXEnungTFjGt8a9NO2gNS1PefcbkZGczO690LraeWGXTrfQ==
age: 283
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a00c653a48d8e5be0e97f243390ba2ed
32f0757678891a81aeb629f86d7289ee44b4f6e9
2bc0c6130e825fdbb1160842e18e18669842b1ce12599a086d1b735ae59c20f8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 19:08:26 GMT
Last-Modified: Mon, 12 Sep 2022 18:39:04 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6-Jyu6IjdgPJWnY6nUgxBLMa-7eP5Tk13hH_BbfOt4zLNU0E_vSgow==
Age: 1762

api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events

34.197.244.247

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/3b2372e2167f7383cff19bd504238508ee87659b/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 81494
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

142.250.74.163

200 OK

47 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size
47 kB (47048 bytes)
Hash
87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

HTTP Headers

GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:54 GMT
expires: Thu, 07 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 430833
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events

34.197.244.247

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/3b2372e2167f7383cff19bd504238508ee87659b/events
IP
34.197.244.247:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/3b2372e2167f7383cff19bd504238508ee87659b/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1946
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Sep 2022 19:08:28 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 8459187
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 749aee6d8ffa0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

psp.pushnami.com/api/psp

54.145.115.118

200 OK

0 B

URL HTTP/2
psp.pushnami.com/api/psp
IP
54.145.115.118:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://us-cashisgood.yousweeps.com/
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:23 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://us-cashisgood.yousweeps.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

104.22.39.182

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
IP
104.22.39.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:25 GMT
content-type: text/javascript
x-amz-id-2: 21ZuORrk610+Z/GCUMNxGjtNEASKLQIYNfGqi2BLWbVMqLpX7W3enNpOSaI6CB4JjV6Wl7B2zBw=
x-amz-request-id: X98NV7NXBZ8413CW
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:03:14 GMT
etag: W/"c1b63af7a7b19a763acad8d5c8cd9bbf"
cache-control: max-age=1800
x-amz-version-id: 5yLl2FQWzrJvU7eydGWwVP0icPOiI1rY
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 749aee804ccb95e5-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418551

52.20.13.104

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418551
IP
52.20.13.104:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418551 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5558
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:27 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 12-Oct-2022 19:08:27 GMT; Max-Age=2592000; path=/
rguserid=838214c4-f729-47ea-a8de-7f1025a34dc1; expires=Wed, 12-Oct-2022 19:08:27 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 12-Oct-2022 19:08:27 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 12-Oct-2022 19:08:27 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

54.230.111.75

200 OK

0 B

URL HTTP/2
api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 12 Sep 2022 19:08:22 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l1lBYQionxby0R7oQfdVQTKD1XIwlyph3zPvPW5IBwpIIQzjZjaoig==
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDom?msn=2&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418549

52.20.13.104

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418549
IP
52.20.13.104:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=a07cda02-fe5e-45e2-bd25-93cee7b9256a&token=43255767-F36D-A1FA-CFB0-FD0677838F57&_=276418549 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 494
Origin: https://us-cashisgood.yousweeps.com
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:26 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 12-Oct-2022 19:08:26 GMT; Max-Age=2592000; path=/
rguserid=fca9701e-81f7-4799-b201-bb72e3788dbc; expires=Wed, 12-Oct-2022 19:08:26 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 12-Oct-2022 19:08:26 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 12-Oct-2022 19:08:26 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

3.210.54.31

200 OK

0 B

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
IP
3.210.54.31:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe.html?token=43255767-F36D-A1FA-CFB0-FD0677838F57&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:26 GMT
content-type: text/html
server: nginx
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
etag: W/"62a74f42-1049"
expires: Tue, 13 Sep 2022 19:08:26 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

us-cashisgood.yousweeps.com/

104.21.34.106

200 OK

0 B

URL HTTP/2
us-cashisgood.yousweeps.com/
IP
104.21.34.106:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: us-cashisgood.yousweeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jamrbykn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnmcURb1E3Pshp%2FgW5R5HCWdcokBRpNUGcRN9HUSZrEYaeoMZ44dCTMj%2FY96WMg9qox6lMm6LfJR6xbZO%2B4HD0Gc0rCUJUWTCuFBACkrdmcwKzTNngTmQykhrBx3dcIx2ODfWPp%2FpRBTproAFq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749aee6bfe98b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lpapi.d-promo.com/click/generate/?reqid=2264309202&oid=27966&aid=2500&cid=564501&sid=722112

172.67.149.140

200 OK

0 B

URL HTTP/2
lpapi.d-promo.com/click/generate/?reqid=2264309202&oid=27966&aid=2500&cid=564501&sid=722112
IP
172.67.149.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /click/generate/?reqid=2264309202&oid=27966&aid=2500&cid=564501&sid=722112 HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FNxka0aHQ3zKaRNzCGG3Xd%2FXB%2FoGFwAuOYj4q%2B6r2JlBQmDw4x6Y91BjQ5Bc%2FgbDDDSTw7Q%2B%2F4TFeeY63U3dr8aIbfghkgqcbC4okumSGLnM77bkeQoyRozFvyCWGog7WBxyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749aee700fd4b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.27.js

54.230.111.91

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.27.js
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /trustedform-1.8.27.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
server: AmazonS3
content-encoding: gzip
date: Mon, 12 Sep 2022 19:08:23 GMT
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PM5XDw2QWyBL9LyKVq5Kk3lsa4qJgLHOrs-8cRQg58CFzHt81dDamQ==
age: 16
X-Firefox-Spdy: h2

api.pushnami.com/scripts/v2/pushnami-sw/5d939f752315a90012419008

54.230.111.75

200 OK

0 B

URL HTTP/2
api.pushnami.com/scripts/v2/pushnami-sw/5d939f752315a90012419008
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/v2/pushnami-sw/5d939f752315a90012419008 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 12 Sep 2022 19:03:40 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vanxIBgi69uud3om0fPCuXJV1Y6qsdHKsyKuKdz-8FxQB15RBkPLMw==
age: 287
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:08:22 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 11120039
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 749aee6dc82e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 19:08:22 GMT
date: Mon, 12 Sep 2022 19:08:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false

54.230.111.91

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16630096897520.45102322553745033&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgood.yousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 12 Sep 2022 19:08:23 GMT
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VrI2Tvq0GjWC8CJkm_m-chh34q521iKSum3dY1u86UEc0C-tbomuTw==
X-Firefox-Spdy: h2

api.pushnami.com/scripts/v1/hub

54.230.111.75

200 OK

0 B

URL HTTP/2
api.pushnami.com/scripts/v1/hub
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us-cashisgood.yousweeps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 18:31:16 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ItuqEBmJxMZ55U1zS4JjNnVBHHt0GSNvUtrAoSxUD8QR2blnJFmuNA==
age: 2226
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations