us-series9-tp.foryoupromo.com Open in urlscan Pro
2606:4700:3030::6815:4ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://us-series9-tp.foryoupromo.com/
Submission: On March 25 via api (March 25th 2024, 5:29:49 pm UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 9 domains to perform 65 HTTP transactions. The main IP is 2606:4700:3030::6815:4ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-series9-tp.foryoupromo.com.
TLS certificate: Issued by GTS CA 1P5 on March 19th 2024. Valid for: 3 months.

This is the only time us-series9-tp.foryoupromo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3030::6815:4ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::6815:5724	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	3.214.163.202 3.214.163.202	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:ae00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.164.124.65 18.164.124.65	16509 (AMAZON-02) (AMAZON-02)
6	3.214.34.187 3.214.34.187	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.115.36 18.164.115.36	16509 (AMAZON-02) (AMAZON-02)
1	108.139.47.118 108.139.47.118	16509 (AMAZON-02) (AMAZON-02)
3	45.223.17.68 45.223.17.68	19551 (INCAPSULA) (INCAPSULA)
4	54.86.108.51 54.86.108.51	14618 (AMAZON-AES) (AMAZON-AES)
1	34.194.221.185 34.194.221.185	14618 (AMAZON-AES) (AMAZON-AES)
2	3.218.149.76 3.218.149.76	14618 (AMAZON-AES) (AMAZON-AES)
65	15

31 2606:4700:3030::6815:4ebc (United States)

ASN13335 (CLOUDFLARENET, US)

us-series9-tp.foryoupromo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:5724 (United States)

ASN13335 (CLOUDFLARENET, US)

lpapi.d-promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.214.163.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-163-202.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:ae00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.124.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-65.jfk50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.214.34.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-34-187.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.115.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-36.jfk50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-118.jfk50.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.223.17.68 (United States)

ASN19551 (INCAPSULA, US)

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.86.108.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-108-51.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.221.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-221-185.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.149.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-149-76.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	foryoupromo.com us-series9-tp.foryoupromo.com	478 KB
10	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 6902 cdn.pushnami.com — Cisco Umbrella Rank: 25116 psp.pushnami.com — Cisco Umbrella Rank: 28998 fpc.pushnami.com — Cisco Umbrella Rank: 173206 trc.pushnami.com — Cisco Umbrella Rank: 7279	350 KB
10	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 33920 cdn.trustedform.com — Cisco Umbrella Rank: 39981	38 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 20248	4 KB
3	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 26076	21 KB
3	d-promo.com lpapi.d-promo.com	89 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 30424	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	964 B
65	9

	Domain	Requested by
31	us-series9-tp.foryoupromo.com	us-series9-tp.foryoupromo.com cdn.trustedform.com
8	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
6	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net deviceid.trueleadid.com
3	lpapi.d-promo.com	us-series9-tp.foryoupromo.com
2	trc.pushnami.com	api.pushnami.com
2	api.pushnami.com	us-series9-tp.foryoupromo.com api.pushnami.com
2	cdn.trustedform.com	api.trustedform.com
1	fpc.pushnami.com	api.pushnami.com
1	cdn.pushnami.com	api.pushnami.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	us-series9-tp.foryoupromo.com
1	fonts.googleapis.com	us-series9-tp.foryoupromo.com
65	14

This site contains links to these domains. Also see Links.

Domain
foryoupromo.com
customercare.today

Subject Issuer	Validity	Valid
foryoupromo.com GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
d-promo.com E1	`2024-02-25` - `2024-05-25`	3 months	crt.sh
lidstatic.com E1	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-25` - `2024-09-21`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://us-series9-tp.foryoupromo.com/
Frame ID: D84648479436A194BEFDAE3A5B4CC3CC
Requests: 57 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 9834C1F91F870DE9B1893DE7965030F5
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: 96FCADB92D3549C410C29DED1EEA5749
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: 8AE5FD4DDCF8B672F25A36F9CE850F54
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

65
Requests

98 %
HTTPS

36 %
IPv6

9
Domains

14
Subdomains

15
IPs

1
Countries

1032 kB
Transfer

2717 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://foryoupromo.com/us/about-us/
Title: About us

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/terms-of-use/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://customercare.today/us/
Title: Opt-out of data sale

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/official-rules/
Title: Official rules

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
us-series9-tp.foryoupromo.com/ 68 KB
9 KB 246ms
97ms Document
text/html 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: de848d26a64f01be28a67a5012d8f6f68347e2643086bb4d6c6d1e861b82a47c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86a09fcf5a1d4bd3-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 17:29:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3mhUO7sDK%2BDhb3YCL99baKijEeU2aPcrlZ%2Bml%2BB%2FbYl3T11sXeiizdvlzC%2BsIpTiKanUPVCwiG9%2FXdsAyGiI4JscxCn%2Bzeq1o37rkARyLklz%2Ft7rm0bx7ipelYC%2Fn%2FovDOf1N7X%2B37o5Rd9unHNqIUBY2rrEeE5g8r8pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: STALE
x-powered-by: Next.js

GET
H2 200 cc583212abde95b6.css
us-series9-tp.foryoupromo.com/_next/static/css/ 103 KB
17 KB 98ms
93ms Stylesheet
text/css 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/css/cc583212abde95b6.css
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932625e518ff207e861f260e0b56e2d890749dda7235062e2ca4805edf492b45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"19a5c-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLc%2BfCKFk%2FiyDQWfe8nWVKX%2FgegYhTyf9gYsxfl256HvAUZF1w6nL9n3LIt3j4ccCEZK%2F%2FYalrzexiGccP3m3LRV7crB4lxzpSjhZi5ayBklfiTWuUeYSShnWRObpFFDsBDa1DmbTFOhAcJIeG329vJQHjeRdUnFb9xrAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd02a884bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 webpack-bb5cf7c4e60b9783.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 6 KB
3 KB 86ms
82ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcb505899a64b16d08c04d2a8764b3b35bde72f0b692fd6feb41e0a53b7b0e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"1748-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64YyRK24jBSZQxrF5Sni4gUFy15Ev98NbEfFT0cBP7ywXbu90OKKPO7aJh7ynRgBeQgE2pQrqwyFryfO04oZ14GnZcz6etiZfhkncfaC0WfI28yTndJMQiCNaq2v7BxPFAsdSM9pYtcW1sUrsdywu%2BO2PcM35cvmYWyTbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd02a8a4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 framework-92a422f151f77ddb.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 138 KB
45 KB 189ms
170ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"226b9-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9Lg6rXbC55NNQiE9UWZthtAeBN%2FbvkI12T0BrkS76RrzTXErRL52FI%2B4a1DBNtoEO4d1%2F7vp7VELyHaKD9rL%2FOBrN1sgV5BuwnwUngaE%2FkLfL4aVaYwXI3b%2BkyfnjMkRdbfWJhtZOHB%2FFFcLxF8iAi1Rxam9Fg%2FnG19UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca14bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 main-3ddcad86c0b8c094.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 124 KB
37 KB 120ms
101ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"1ee6b-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGKhvP7tSVV8T2v0g1Z6TUi%2FgE65NeDFFeuQnwxA8y%2BHtMkzBtfK98c5TdC3IcHvzoSGKo9838Ppp1EMth%2Bbjy1Njwjygj%2Fb0QA7vFv9fTE8UQeu0otJLKvyk1ksDXm%2F2oB6tJNcC9VkbVRSM6uRpApSMnLqHwUdf0UFcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca34bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 _app-1db5358e5adcd096.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/pages/ 246 KB
75 KB 189ms
170ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/_app-1db5358e5adcd096.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec0891f887d26d0c505fc088bf8402aba8b1f7239c910bed518268b9f969e359

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"3d8aa-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATqYX%2BBSbd5GrCiNgBgjSjz7R%2F87GXROIYz3Ss1g0F1pVDaUewKrqRgwP8QrrctQ0A%2Fcxqmzpn%2F1J5R7juiYBTsDMVEGqc%2BWaEUicUWbCcJWIoAHE2fZVxY7yDyEKkxyF4oLG91FbmtxOVN2MZBNb4Q8LjepZHyDuaiAWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca44bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 b637e9a5-445986cafd87aa11.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 85 KB
31 KB 115ms
97ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"152b1-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1TEz%2BmIrRi5NSJLCuM%2FCsLE45moBM%2BB%2Fsxy%2FnS8q7ou59MvcMJS9ciZW2uNbNClhhgBka5zN72vXKz6%2FdnI13MM4FlbaeF8U5FZ029M9xAwuk9BlXVLFatzZ%2BZpfXvkL2VZZjkA1mOUU5QJW9XaCkzuZ816jY%2Bj7fMsXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca54bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 4870-ffe4bae46444420d.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 357 KB
112 KB 154ms
136ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"59508-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwhRWSsH8ph15qCTdDN6iT9Za8MwNANOKSWIya%2B1F2dAg5xi5lXul2rzgTVxjaFg6a7xqlXrmsSGifCkMDDOAjZl%2FOH54W2sjaDFeE31SZoU5SOM5e1KdUcJU8UNIGORPD7k%2FrfvbBCjRI0Vey4IbPwrF%2FF5NwbxxyqQqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca64bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 %5Blandingpage%5D-2801abb4f535c4e1.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/pages/landingpages/ 70 KB
18 KB 117ms
100ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-2801abb4f535c4e1.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b926b084518aeb379593046757fa1e25cb9eb434798b98ed10936273d2b901ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"11974-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f9SgC24V4vNCCBdK0w0mjpw8pW4ugTXmaoh8nSaZ%2FWAcOZ%2FePlmHwFVb2%2F8yvKSxoK94xg2nVfIugrb0DQX%2BMcCG0EaNLwUszkNXK7%2F%2FnMC34Q8Kf6kFvSuZnxyVe4%2F58EGYuSYVnNwy1od6u4ReOgA8cH5id1457fEIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca74bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 _buildManifest.js Show response
us-series9-tp.foryoupromo.com/_next/static/RV9AasyYMpvosWJODQ0v1/ 649 B
696 B 94ms
78ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/RV9AasyYMpvosWJODQ0v1/_buildManifest.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d541bb45351bf62dcb1c814122813e9e5cbaa8d2d1954caf6b515bcbeae9b45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"289-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zxd%2Bq6mqQ3mgOYa9I8Mi6vZCmZNY0i4mBYFae2uaYvsLfWEyvyt69PmmRRO6FVgo%2F9%2BHdKxbJZP9ZQcNX5Vxy2xhN0HTfG4Unl2gb499U4yGxQRt%2BWbRs3nf%2Bv2SoSFa%2Bw%2Fc0CBKpmslY9wM%2Fm9X5%2FH0VnSLktXepKsFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca84bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 _ssgManifest.js Show response
us-series9-tp.foryoupromo.com/_next/static/RV9AasyYMpvosWJODQ0v1/ 119 B
392 B 114ms
98ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/RV9AasyYMpvosWJODQ0v1/_ssgManifest.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"77-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gteov5CTuPWaAuFuibugsuUB4v3kWAgnJZEqc0RzLpKIdM3b3LoESrdMPZ2VlY%2FlLmhEgOr81amezt7UFSqglT6MnGmYIZ86fwIwV9dPy86NXigmt3nSLTWPeJX1bsYgWb5BIlyfaHtCUjUZSdeHErcP9JviueryRiHVow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd42ca94bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 140ms
48ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/css/cc583212abde95b6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 16:46:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 17:29:39 GMT

GET
H2 200 cb1608f2.3fe8f06f6fb87416.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 4 KB
2 KB 73ms
61ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/cb1608f2.3fe8f06f6fb87416.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b57c31e74acb8a3784609beb9ce31347303ed8a946a2498b82b7b0a78653d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"e82-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPz1ZCyrrVJQOmuuAQnldNCAL5Rytx%2BVd24ZZuPZuEn%2FMsyqCgVOLJxIuGxKtWlItQYTlJHF9U7LUsXR0yA5kbw0XzyG8QRKrzUcNJvvNGbadcVg4L5dXYrFhedhOjAFxxZkTDW7qVrZWm7F%2Fxlnj17ftnNC%2BZjjfP1M4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd6edc44bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 2814.600547a8c4b34b37.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 42 KB
15 KB 128ms
117ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"a81a-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbYl3fcRN%2F0ub17vETM9Uqu8dF6fF55ClHS%2FjfKrnVzvNwlQC1KnzCyB%2Bvqzf%2F9nLJfgNXEA%2FyVeQWbgMGb4fF9MBzSUP58lgJTVJqLNgYWN%2FBFamNwI6oaNbxnhtI6TA%2FP5j04z57KCybD3KWmBrHtjndqwXEKNrj9Fpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd6edc54bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 18000b2dd9e09b14.css
us-series9-tp.foryoupromo.com/_next/static/css/ 2 KB
866 B 89ms
79ms Stylesheet
text/css 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/css/18000b2dd9e09b14.css
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662da46afc9e07d66bf7710d731a7eb1abf5c44b4e04f8846ea517b75351fd78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"810-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LNu3E0sKKfgxrge6B%2FKxCChfl9FH%2BkgJCHW9bSNRv77gbWWie9BUcDoKOCUXGXomhXLyMtLKP6TvVvisGYJUhcxT3Ev2VCNewgjUbAOGUgfIaBTOBYxcPJ7tNOSKdA6VIfLexVK0dfRzBfqrP0%2B8c0giTvvMDJQDU43Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd6edc34bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 4847.6e4a77d9cf4f30aa.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 12 KB
4 KB 86ms
77ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/4847.6e4a77d9cf4f30aa.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710aad264729f21c74b23996e7d47e04ae3c67394765b48978799cd89139ae34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"2fce-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XI9Mfa1G6Nt88hLUpJOtlQ5DJzALykzAyZthbdj5L3Pg3g9YYxtSqTrOmHKtmWbgjXD8I7pp3jxdo70NE8v6XXG8bA8LWeYWrv0gPa%2Bap%2FHMnTtt3MPa0TZYA8k97BWDLlTHYKnDVloxBJpoC1PPm%2FRLaSpd4%2F%2ByFWvJFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd6edc64bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/ 119 KB
24 KB 525ms
340ms XHR
application/javascript 2606:4700:3031::6815:5724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/_app-1db5358e5adcd096.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 75668dfde01cb45dc3aaf5ec76fbd7ccd2ca29136783e8457fcbda3cf43982f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fpa1n8YnqRy6eX3aYrK8%2BpN6lTe7%2FaGSRIoRBj2dyilelP0vK%2FlGzo4AvSV6VYhwxzEZkUaqfLOICmuEF%2Bdia9eGILViHL5mrCCzBUUEmdYFGEHgW11YFcsD3XHi6%2BdWlm64q8BnPa2rAZd0rW0DPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-series9-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 86a09fd8b8aa4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_ads.json/ 402 KB
61 KB 440ms
255ms XHR
application/javascript 2606:4700:3031::6815:5724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_ads.json/
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/_app-1db5358e5adcd096.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 5258c332a53a8297826f21d9ff58c6445c255f8b89141983caf6c50b512a857c

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HsRpLqtGbLwUxD%2BNtcDIZIEq1b%2BPAPo7MdO%2FPEPumblBNIM4UU2NB4K83hB7%2FCGr9%2FUcQXml4fdYqGs2lu6K01jBbftcyMqe5NvsUMwTNsqbpk5xMelUeFe%2BzvEVM4vioWnzTjHBjQS5RhbCSBFVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-series9-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 86a09fd818354bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/ 25 KB
4 KB 447ms
263ms XHR
application/javascript 2606:4700:3031::6815:5724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/_app-1db5358e5adcd096.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: f4f536031266b71a46d1df016a1321da643f16c14966c6329b1ce52456c05aee

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0fElCXjcOP8%2FoCyy7736gI4NVGYn46avpo64qGgEUNae56ogSs4Z4P03z3FCU3aaHWSdW6fHx2Ippfy6YYxgAmO06hiieuup7psr2cfOa%2FzQ4lu7npkHYrmhBvW7H1VmA0rYtu6b1XlcKDheTkkrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-series9-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 86a09fd818384bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false

8 KB
3 KB

377ms
66ms

Script
application/javascript

2600:9000:21dd:ae00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:21dd:ae00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:41 GMT
x-amz-version-id: 7vIkJvyolGqbg6GwGNTrdIJEDlxffe_N
content-encoding: gzip
last-modified: Mon, 25 Mar 2024 16:29:49 GMT
server: AmazonS3
via: 1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: Ug_aSTP8OmW0jskmTPk86mChoBN0tb7bOMGa6wlbFjCm5XSgAAlv4Q==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false
date: Mon, 25 Mar 2024 17:29:39 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 a62329fc-b047-95ca-1835-43098649ff47.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 340ms
163ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/pages/_app-1db5358e5adcd096.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
x-amz-version-id: .CbreCnc.Mp5ld_oVdN4pJoyDQutiv81
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: R7WXSAW092M7R7BY
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 2Toz6EGhuOGM7ze/55IBXk2x4eonhlfRrz9vRufjNqwKYLmK9z/V3LKdHVRb7HoHp3T+JSjs2dk=
last-modified: Thu, 18 Jan 2024 00:52:56 GMT
server: cloudflare
etag: W/"1de8777c60debe293fbb8f8e4c4a78eb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 86a09fd81af34bd8-BUF

GET
H2 200 pushNami.js Show response
us-series9-tp.foryoupromo.com/scripts/ 1 KB
810 B 116ms
54ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/scripts/pushNami.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"432-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFpS9IKhtLD%2BFPeANA9Vgn7r1VLF4JbVcyT9mPKxifde0ehGOB9X7OHSVA4SAYdZXFoyD18tXFlXcZ2SMpaWzwa6gDuZIEFRSJw5k6on5XrXVv%2F9qFfqh6Iwq%2FZLTP8a0zkUb0QSEdpy9R9ISt2B1itSCCapFrU2DCTiow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=14400
cf-ray: 86a09fd76df84bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 3641.676a155c3cf970bf.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 3 KB
2 KB 185ms
156ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/3641.676a155c3cf970bf.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d78a1c01592c16be47c51664abcd99cb6070b5c71c2e51e4cd82304d04eeb88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"bc2-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GlWxVSDsUk8yG2xEqMEagLnB%2FBBfdCoMQdm7S3n5Dq0rDJeXSKFnABLB1exvgk9nZWt8RBBDD1SQPtFzTXTwurjG1bpsD0wbLFBzuOGqIVMZadgxC9VZp2zdyikDQHqarWLGkTeXompT%2BUbubfAFoijxpYegp31XW7eQWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd81e344bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 6384.20d271abf6b66f38.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 5 KB
2 KB 125ms
97ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/6384.20d271abf6b66f38.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec097bb8a231b7e9bec8cf9539666d4ddb6bedd4fa3f3c59bef0fb2dd7a86ad2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"141c-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cb0XU%2FBaK9rzVfwiUuMK1HZdaYwASssXGF01POllqsTvWzPJQ4SbEAJ%2FDmKndeUi47EEq2eeKspAh0dbm9hzMITISEQ5jwkdP1tfnuWz0p25mJ9%2FMQMAimdNpeMmrCC%2BJEtO2VWva8hBCuL247FRRzYl68YB%2F2n2bTtALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd81e364bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 4923.30afabdd4cc9e9c3.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 7 KB
3 KB 129ms
102ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/4923.30afabdd4cc9e9c3.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57c892966dcecec403fd625b6397c734d396ee8b4645f37d8b74ef43c41ce808

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"1af7-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BdHyQn5ooGtwl4JMbXHrWUshKQe3PVGnT%2BvQi0VADoEgYhd%2FPAiXD1qKTp1seriTI6xmOhLxUiZFsJ6T%2BlEVTkr6TC%2BsfMIqnGK1AuiLRs%2F9S3DKZI1uQ4IjjBTCELxWerRbQ10EHBI8awc1qxW3SIMxj2vIxWOT0KZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd81e374bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 8910.a14c5ff2f5f3bf45.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 1 KB
973 B 185ms
158ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/8910.a14c5ff2f5f3bf45.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"483-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilebjCUki2ll3n9IfCBOf0tzw3koglxomShwcIoFBf0o06lAFrQIYU2YhvgMjrh3d%2FVzuN5Sr4y0LpIJXeYaGKYKDjO1gG1eAouwXKp2jeKfiFSLdzecnZmaY2E8h2RWd%2Bmw2sZYXnC08Dql03ZiTUsQmm1Kv9iBkOzNKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd81e394bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 9 KB
9 KB 132ms
105ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=75

Requested by

Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FDfb8riEsFkcjaJawkWnHw6jsrIK9pT%2B%2B5qIXnIOVE3f1v6ij7irNsstfKhdEUyhHwykiqIac6pFMVzg0ZkWPC0cF8FNx8tnljcrpVZM4lnGkx1wMrwo7VXo%2BgTAG4t3SUwC%2FkYu%2FtLcOHtu8EUlIVWq7Myo6Ci0qCrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fd81e324bd3-BUF

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 20 KB
20 KB 730ms
704ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1647536431_series9-web.png&w=640&q=75

Requested by

Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

139de08f78100b99d603d12666ddc6d48f0ad846e7ddc88cfa50ade90e83c581

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: MISS
content-disposition: inline; filename="1647536431_series9-web.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20344
server: cloudflare
etag: E53gj3gQC5nWA9EmZt3G1I8K2Ebn3ciM+lCt6Q6DxYE=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuIltWMrGrmXfAw67JI5fkzBm2myLu1UZDD8gx3hE3o7THfjv3CcflCqmLohclIwSzb%2FWUYnfp4EQdoHt5VKIWWBEKmrOIkjnKbwhg5mMhzX%2Bw1rvwY6LnJMnErToA4XPEjdDMWs4DFSmqM7r1TqdqGA%2FNQOFglQF7K5GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fd81e334bd3-BUF

GET
H2 200 916d3686010a8de2-s.p.woff2
us-series9-tp.foryoupromo.com/_next/static/media/ 8 KB
8 KB 180ms
157ms Font
font/woff2 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/media/916d3686010a8de2-s.p.woff2
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/css/18000b2dd9e09b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer: https://us-series9-tp.foryoupromo.com/_next/static/css/18000b2dd9e09b14.css
Origin: https://us-series9-tp.foryoupromo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:39 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
content-length: 7884
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1ecc-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8CuhU3wR07ynHI%2Bd7qlpv6hTQfRxC7dU8a0sR%2BW08xXJpdvPCUSPd%2FYg1A4Fc7n%2BGBaHJHtmElyPTq0N%2BEw33XkStWxJ0VExpCoiJRMZCPTbLSsGcsJVqeLfWJsdZ0NnHr7jWplWMK65IuBNwzOVv0PscrlgEvh57tmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 86a09fd81e304bd3-BUF

GET
H2 200 9a881e2ac07d406b-s.p.woff2
us-series9-tp.foryoupromo.com/_next/static/media/ 8 KB
8 KB 307ms
289ms Font
font/woff2 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/media/9a881e2ac07d406b-s.p.woff2
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/css/18000b2dd9e09b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer: https://us-series9-tp.foryoupromo.com/_next/static/css/18000b2dd9e09b14.css
Origin: https://us-series9-tp.foryoupromo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
content-length: 7816
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1e88-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9p5nUlMQckAbb9XSbBIX7PrQ9sG8grcebfHj1kPhfiUFpmimJ3m0P7cXzyO6VOGVu%2FURi4%2Bd7YQiBgynpXMg1oJvhTSZhDnCR9kXeDyDinPGKg1y0Y243d7eYOTJnptDkZqI8n0gnskiR1bgjm3kPVXuz0HAeEWvzF4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 86a09fd97eda4bd3-BUF

GET
H2 200 62a7807cf9e9090013c65cc7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 96 KB
20 KB 503ms
37ms Script
application/javascript 18.164.124.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/scripts/pushNami.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-65.jfk50.r.cloudfront.net
Software: /
Resource Hash: 149d4bc80e7b2c46113896b13498f7774e490a617d7e6ac259e14af9a28f7cb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:23:06 GMT
content-encoding: gzip
via: 1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 394
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: aE9D4Wnia-VbLlz_1I5qlSF-ABQOoba0DQU-P-TyPzGSJqWLYDt8Vg==

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 9 KB
9 KB 166ms
45ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=75

Requested by

Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46rTqLAo%2BPd8Fk3nbRY7z5r%2FxaI2MjrQP3yTZAyR%2Fx9%2BiQeEb0LGc4TYM1BcshSD1HoiPSksWdgK4l6l9nBojzbk8xRYjQU4WJn%2BYuHqX6s4qy0kjAy9jVicX75%2Bcc2l94tHz1qqiCbYCdDQ%2Bc6C1ClaWgdx0GD6zzIO3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fd97edb4bd3-BUF

GET
H2 200 7569.8f8585f841ec9f49.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 11 KB
4 KB 177ms
56ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/7569.8f8585f841ec9f49.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71f236aa7398cc2b75d1a74c8cfd4da1285078fd76b52df04999f705decdc2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"2ce1-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlxbUZVQnfZjku1H7meCJ8on2X3rq7NBtrFnoaRtNBNIklxqvFBu0DsQVUdljrJ3TiFWFz2Yj0gNIYrQ9ZKNrtPrvtL5nJ3Wnc4lEV7su2zW0V8reCtrt%2FWgjUTgXdPm1wcxksrLhkZx8CTDlPNiCXmCDxZJwkYz2EioZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd97edc4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 2273.542e863fabc78dc3.js Show response
us-series9-tp.foryoupromo.com/_next/static/chunks/ 4 KB
2 KB 167ms
46ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/2273.542e863fabc78dc3.js
Requested by: Host: us-series9-tp.foryoupromo.com
URL: https://us-series9-tp.foryoupromo.com/_next/static/chunks/webpack-bb5cf7c4e60b9783.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567a8ac41aae60cfb60d65b83582ac168330abcefd83f9d4b374c1e190629c2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"1018-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7yrYzb1IuTzRlGxYLT24P9QE5cmo13VI2Jxc15fTHnDSPi7b4hxhjnvxSTjW4w6S7LLtlj78YJnPOyKsCQvHzYQJefV9xtCYHu4SW63LTibbRvGDYGZHvs3%2F0%2Fr96wcIhlf9QPx6sTlXgAgwvB575Qb2Lr7LaSg6ufJjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 86a09fd97edd4bd3-BUF
alt-svc: h3=":443"; ma=86400

POST
H2 200 GenerateToken Show response
create.leadid.com/2.12.1/ 36 B
660 B 263ms
106ms XHR
text/plain 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=773be335-5ca5-43b7-934d-ed2871da08a7&_=173452971

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d8d8d5c3396bafcec58134fc3e6d4e4c98f9d4eccc149dbdbe9ff9e2802cb867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 156 B
652 B 82ms
68ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=%2Fimages%2FgreaterThan.png&w=16&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9db286fe51de8324ee88339a4f87e929f5670ca9d0a79471ae50ade6083f896

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: STALE
content-disposition: inline; filename="greaterThan.webp"
alt-svc: h3=":443"; ma=86400
content-length: 156
server: cloudflare
etag: ydsob+Ud6DJO6IM5pPh+kp9WcMqdCnlHGuUK3mCD+JY=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydpQsxTtpDDSn0PyRpE%2FBL62803xD%2BatuasBLO6KkItYuvaIp8p8%2FPfJwXlTb1w0LvbtXjmfpHFcZddVvBbBJ1fCR%2Fy1pX1dCe661NBEGMN3lQXCvKP6B5L8GSDNeu8l6g0bgrEY%2FBMXzLmTfvich%2B8iPoa5wmD31o9sFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=60, must-revalidate
cf-ray: 86a09fdaff874bd3-BUF

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 207ms
0ms XHR
application/json 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 29b6bbd55634a029fce45c06d34a9a33bd354e8fa5d2ddc26258d58bf151004f

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 9834 2 KB
1 KB 124ms
31ms Document
text/html 18.164.124.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-65.jfk50.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1255
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 17:08:45 GMT
vary: accept-encoding
via: 1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
x-amz-cf-id: _nv8E1iYnGFLLQ0Y7oJt3B4jTPhMF0Ua2RSV8n7NzODyjC_zh_t_Mg==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 96FC 3 KB
2 KB 248ms
30ms Document
text/html 18.164.115.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.164.115.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-115-36.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 32850
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 25 Mar 2024 08:22:11 GMT
Etag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Zt7Q29eB9u4IUNcLEkoXO0JWooQ_OejFENkkw2yWU5f3Yx3UHhqXCw==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.12.1/ 0
623 B 88ms
0ms XHR
text/plain 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=773be335-5ca5-43b7-934d-ed2871da08a7&token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&_=173452972

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
623 B 115ms
24ms XHR
text/plain 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=773be335-5ca5-43b7-934d-ed2871da08a7&token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&_=173452973

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.9.4.js Show response
cdn.trustedform.com/ 84 KB
33 KB 86ms
71ms Script
application/javascript 2600:9000:21dd:ae00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17113877796730.843021958522195&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ae00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: gtnb1Uxu8qLJRc.iYT4wVelhc0u4qkAi
content-encoding: gzip
via: 1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
date: Mon, 25 Mar 2024 17:29:39 GMT
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 3
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QGklKoAO6nkcDfrsJhjmhEN7yrj5ZE3vP2rt0qPV8_qIQwXTSR9a5A==

GET
H2 200 psfpv4_client.js Show response
cdn.pushnami.com/js/exp/ 328 KB
328 KB 173ms
45ms Script
application/javascript 108.139.47.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-118.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e0462bd8c906873b7676857abba0bcf9233febf2344af1b23d679b59b6d00d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 16:56:10 GMT
content-encoding: utf-8
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-version-id: 91MVT1fCLHMP6uEV5RRPiERgHpsAdHVl
last-modified: Fri, 15 Dec 2023 20:58:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 2011
etag: "545cbfd2aa019799b8a5c3d82eb1ace8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 335571
x-amz-cf-id: iS7_5zNOFacQCOwirWdzsQqjP0frTl6ZOijlA2eaNCR9q9bsXNiMSQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 67ms
40ms XHR
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:40 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 9 KB
9 KB 90ms
71ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5B%2BNYDfLMfX%2FSXVRxirmq6ndW%2FkGrx%2F56dTH4zDqrdwE9ulvboNv1xaEkvQ%2BzTVBzC3rr8EyfY%2FW0ir8ql9mpYiD4eeMZU2PvitkMIVTVofpUdDVuZHofe0e3f5QOtvfuPey1V06Vae5EV%2FETGIptWiz4L%2B3hClL8UVBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fde48d54bd3-BUF

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 20 KB
20 KB 72ms
57ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1647536431_series9-web.png&w=640&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

139de08f78100b99d603d12666ddc6d48f0ad846e7ddc88cfa50ade90e83c581

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1647536431_series9-web.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20344
server: cloudflare
etag: E53gj3gQC5nWA9EmZt3G1I8K2Ebn3ciM+lCt6Q6DxYE=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqNJU3VUrwiiZqCPgPyhmAehgv52NYl9FUeFvhYd2m8FufhulSh8GhoKnxprLmwAYYx3mCixDtQVNE4GnXpdcC%2BdkGTGrdAd3kihyvICdQtJn%2F9HsgJJ67oX3rfQJRJwElneRcMx9fvHG3FpKj20oQ8Q6%2FqlQbn8XcQDLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fde48d64bd3-BUF

GET
H2 200 image
us-series9-tp.foryoupromo.com/_next/ 9 KB
9 KB 120ms
106ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-series9-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=75

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:40 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8980
server: cloudflare
etag: 3MFON0FDS0OzSX9Hs-BVN2KCMzRa2r4bsIC-SQ7pc54=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7DDwExXAO3sYK%2BFdyesEnCLPcuXiWnUo7xQgBtY0PWfKzG75wieVAk8cuS90TzsL7H%2F9wkMvE4%2BNsdwF4451dAPlUMptueUff20PSYnteDBYdcG%2FoJIeMNMd%2F%2F%2FfnIwXYCX8fJ3%2FT%2BQBaKY5f%2FaSz9cbIzs0H3sAjsWpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86a09fde48d74bd3-BUF

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 51ms
40ms XHR
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:40 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 8AE5 4 KB
2 KB 206ms
85ms Document
text/html 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Requested by

Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e310d5db951bf7a6a33de108f7106fd5589b8b47aaef497a37af3abd5e5c8806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 25 Mar 2024 17:29:41 GMT
etag: W/"6554d155-1049"
expires: Tue, 26 Mar 2024 17:29:41 GMT
last-modified: Wed, 15 Nov 2023 14:10:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 13-11449039-11439290 pNNy RT(1711387780165 36) q(0 0 0 28) r(0 0) U24
x-incap-sess-cookie-hdr: GfK/HRFbvmreb8q6liA5EIS0AWYAAAAAnEsxDliVVsKUq+LLVdnqdw==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 43ms
38ms Ping
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:41 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 _Incapsula_Resource Show response
deviceid.trueleadid.com/ Frame 8AE5 134 KB
19 KB 40ms
39ms Script
application/javascript 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=89818160

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

905b17bf5e058b9ec6cb26ac321ec693e7da9852de7e1e4c11f97350fc1677ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19325
content-type: application/javascript

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.12.1/ Frame 8AE5 0
627 B 118ms
46ms Script
text/javascript 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&uuid=df14a2a4757b4d5a8495dd912771d40e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 17:29:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource
deviceid.trueleadid.com/ Frame 8AE5 1 B
36 B 28ms
27ms Image
text/plain 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6391234068120795

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 204 events Show response
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 58ms
31ms XHR
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:41 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 27 B
187 B 39ms
38ms Fetch
application/json 54.86.108.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.108.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-108-51.compute-1.amazonaws.com
Software: / Express
Resource Hash: 872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/octet-stream

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:42 GMT
x-powered-by: Express
content-length: 27
etag: W/"1b-D4PNCIGKzvn9yhfD0QiKW4O6wuQ"
content-type: application/json; charset=utf-8

POST
H2 204 events Show response
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 39ms
39ms XHR
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:42 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 163ms
40ms Preflight 54.86.108.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.108.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-108-51.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us-series9-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:42 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 290ms
289ms Fetch
text/html 54.86.108.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.108.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-108-51.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:43 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 54ms
36ms Preflight 54.86.108.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.86.108.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-108-51.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://us-series9-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:43 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 check
fpc.pushnami.com/psfp/2d8820a6-e553-4f64-876f-aad5a183cb04/ 0
0 196ms
50ms Fetch 34.194.221.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/2d8820a6-e553-4f64-876f-aad5a183cb04/check?websiteId=62a7807cf9e9090013c65cc6
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.221.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-221-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-series9-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:43 GMT
content-length: 0
vary: Origin
x-request-id: dzJrsAT7jLiIoIly9WgCzJhtZfShnkOl

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 64ms
63ms Fetch
text/html 3.218.149.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.149.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-149-76.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:43 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

POST
H2 204 events Show response
api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/ 0
159 B 46ms
45ms XHR
text/plain 3.214.163.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e810c149823f6cf080bb7d3a1a9f72fc56a89ea1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.214.163.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-163-202.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 17:29:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 147ms
38ms Preflight 3.218.149.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.149.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-149-76.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://us-series9-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 25 Mar 2024 17:29:43 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
622 B 146ms
110ms XHR
text/plain 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=4&pid=773be335-5ca5-43b7-934d-ed2871da08a7&token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&_=173452974

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 17:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
624 B 123ms
53ms XHR
text/plain 3.214.34.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=5&pid=773be335-5ca5-43b7-934d-ed2871da08a7&token=BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F&_=173452975

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.214.34.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-34-187.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-series9-tp.foryoupromo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 17:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
us-series9-tp.foryoupromo.com/	1970-01-20 19:23:08	Name: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47 Value: BFA5FDE0-B169-81F9-F1AC-B7ABFA2A107F
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: Y81BboESKTyUWY/vC30iGwAAAAB648XfJW6cqnaBAAF34DmQ
.trueleadid.com/	1970-01-21 04:08:29	Name: visid_incap_3051494 Value: Eg1iVJFoSGaUd/nN9bb0PIS0AWYAAAAAQUIPAAAAAAAP1QsIWAs4NQZwsJCzNYfb
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1169_3051494 Value: aIqpQIytJjbeb8q6liA5EIS0AWYAAAAAB1UQvs1tuGZXgsaAcAD4kA==
.deviceid.trueleadid.com/	1970-01-21 04:59:07	Name: uuid Value: df14a2a4757b4d5a8495dd912771d40e

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us-series9-tp.foryoupromo.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: https://us-series9-tp.foryoupromo.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
api.trustedform.com
cdn.pushnami.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fpc.pushnami.com
lpapi.d-promo.com
psp.pushnami.com
trc.pushnami.com
us-series9-tp.foryoupromo.com
108.139.47.118
18.164.115.36
18.164.124.65
2600:9000:21dd:ae00:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700:3030::6815:4ebc
2606:4700:3031::6815:5724
2607:f8b0:4006:80f::200a
3.214.163.202
3.214.34.187
3.218.149.76
34.194.221.185
45.223.17.68
54.86.108.51
139de08f78100b99d603d12666ddc6d48f0ad846e7ddc88cfa50ade90e83c581
149d4bc80e7b2c46113896b13498f7774e490a617d7e6ac259e14af9a28f7cb6
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
29b6bbd55634a029fce45c06d34a9a33bd354e8fa5d2ddc26258d58bf151004f
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12
5258c332a53a8297826f21d9ff58c6445c255f8b89141983caf6c50b512a857c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
567a8ac41aae60cfb60d65b83582ac168330abcefd83f9d4b374c1e190629c2f
57c892966dcecec403fd625b6397c734d396ee8b4645f37d8b74ef43c41ce808
662da46afc9e07d66bf7710d731a7eb1abf5c44b4e04f8846ea517b75351fd78
6d78a1c01592c16be47c51664abcd99cb6070b5c71c2e51e4cd82304d04eeb88
710aad264729f21c74b23996e7d47e04ae3c67394765b48978799cd89139ae34
75668dfde01cb45dc3aaf5ec76fbd7ccd2ca29136783e8457fcbda3cf43982f1
7d541bb45351bf62dcb1c814122813e9e5cbaa8d2d1954caf6b515bcbeae9b45
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
83b57c31e74acb8a3784609beb9ce31347303ed8a946a2498b82b7b0a78653d2
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
905b17bf5e058b9ec6cb26ac321ec693e7da9852de7e1e4c11f97350fc1677ee
932625e518ff207e861f260e0b56e2d890749dda7235062e2ca4805edf492b45
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97e0462bd8c906873b7676857abba0bcf9233febf2344af1b23d679b59b6d00d
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
b926b084518aeb379593046757fa1e25cb9eb434798b98ed10936273d2b901ba
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
c9db286fe51de8324ee88339a4f87e929f5670ca9d0a79471ae50ade6083f896
cbcb505899a64b16d08c04d2a8764b3b35bde72f0b692fd6feb41e0a53b7b0e0
d8d8d5c3396bafcec58134fc3e6d4e4c98f9d4eccc149dbdbe9ff9e2802cb867
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
dcc14e3741434b43b3497f47b3f05537628233345adabe1bb080bf490ee9739e
de848d26a64f01be28a67a5012d8f6f68347e2643086bb4d6c6d1e861b82a47c
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e310d5db951bf7a6a33de108f7106fd5589b8b47aaef497a37af3abd5e5c8806
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898
ec0891f887d26d0c505fc088bf8402aba8b1f7239c910bed518268b9f969e359
ec097bb8a231b7e9bec8cf9539666d4ddb6bedd4fa3f3c59bef0fb2dd7a86ad2
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f4f536031266b71a46d1df016a1321da643f16c14966c6329b1ce52456c05aee
f71f236aa7398cc2b75d1a74c8cfd4da1285078fd76b52df04999f705decdc2e
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

us-series9-tp.foryoupromo.com Open in urlscan Pro 2606:4700:3030::6815:4ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

36 %IPv6

9 Domains

14 Subdomains

15 IPs

1 Countries

1032 kBTransfer

2717 kBSize

5 Cookies

5 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us-series9-tp.foryoupromo.com Open in urlscan Pro
2606:4700:3030::6815:4ebc Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

36 %
IPv6

9
Domains

14
Subdomains

15
IPs

1
Countries

1032 kB
Transfer

2717 kB
Size

5
Cookies

65 HTTP transactions
1 data transactions