us-dtltk-tp.foryoupromo.com Open in urlscan Pro
2606:4700:3030::6815:4ebc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502
Effective URL:
https://us-dtltk-tp.foryoupromo.com/
Submission: On July 08 via api (July 8th 2024, 9:32:30 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3030::6815:4ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-dtltk-tp.foryoupromo.com.
TLS certificate: Issued by WE1 on July 5th 2024. Valid for: 3 months.

This is the only time us-dtltk-tp.foryoupromo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	34.248.213.119 34.248.213.119	16509 (AMAZON-02) (AMAZON-02)
32	2606:4700:303... 2606:4700:3030::6815:4ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	54.146.25.28 54.146.25.28	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:255... 2600:9000:2553:1200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:becd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.218.121 18.66.218.121	16509 (AMAZON-02) (AMAZON-02)
2	108.138.199.121 108.138.199.121	16509 (AMAZON-02) (AMAZON-02)
1	18.66.218.107 18.66.218.107	16509 (AMAZON-02) (AMAZON-02)
5	45.223.19.68 45.223.19.68	19551 (INCAPSULA) (INCAPSULA)
1	3.162.40.41 3.162.40.41	16509 (AMAZON-02) (AMAZON-02)
4	44.202.21.192 44.202.21.192	14618 (AMAZON-AES) (AMAZON-AES)
1	3.215.118.54 3.215.118.54	14618 (AMAZON-AES) (AMAZON-AES)
3	3.218.59.242 3.218.59.242	14618 (AMAZON-AES) (AMAZON-AES)
63	16

2 34.248.213.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-213-119.eu-west-1.compute.amazonaws.com

frstafflinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znqroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:3030::6815:4ebc (United States)

ASN13335 (CLOUDFLARENET, US)

us-dtltk-tp.foryoupromo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

lpapi.d-promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.146.25.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-25-28.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2553:1200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:becd (United States)

ASN13335 (CLOUDFLARENET, US)

im.us-imageo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.218.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-121.mxp63.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.199.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-199-121.mxp64.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.218.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-107.mxp63.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.223.19.68 (United States)

ASN19551 (INCAPSULA, US)

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.40.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-40-41.cdg52.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.202.21.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-202-21-192.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.118.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-118-54.compute-1.amazonaws.com

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.218.59.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-59-242.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	foryoupromo.com us-dtltk-tp.foryoupromo.com	539 KB
12	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 7459 cdn.pushnami.com — Cisco Umbrella Rank: 22152 psp.pushnami.com — Cisco Umbrella Rank: 31674 fpc.pushnami.com — Cisco Umbrella Rank: 383865 trc.pushnami.com — Cisco Umbrella Rank: 7297	369 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 29315 cdn.trustedform.com — Cisco Umbrella Rank: 33928	44 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 18688	4 KB
3	d-promo.com lpapi.d-promo.com	212 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	us-imageo.com im.us-imageo.com	369 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 28826	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	964 B
1	znqroot.com 1 redirects znqroot.com	833 B
1	frstafflinks.com 1 redirects frstafflinks.com	308 B
63	11

	Domain	Requested by
32	us-dtltk-tp.foryoupromo.com	us-dtltk-tp.foryoupromo.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	create.leadid.com	create.lidstatic.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
3	trc.pushnami.com	api.pushnami.com
3	lpapi.d-promo.com	us-dtltk-tp.foryoupromo.com
2	cdn.pushnami.com	api.pushnami.com
2	api.pushnami.com	us-dtltk-tp.foryoupromo.com api.pushnami.com
2	cdn.trustedform.com	api.trustedform.com
1	fpc.pushnami.com	api.pushnami.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	im.us-imageo.com
1	create.lidstatic.com	us-dtltk-tp.foryoupromo.com
1	fonts.googleapis.com	us-dtltk-tp.foryoupromo.com
1	znqroot.com	1 redirects
1	frstafflinks.com	1 redirects
63	16

This site contains links to these domains. Also see Links.

Domain
foryoupromo.com
customercare.today

Subject Issuer	Validity	Valid
foryoupromo.com WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
d-promo.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
lidstatic.com E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
us-imageo.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-04-24` - `2024-10-21`	6 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://us-dtltk-tp.foryoupromo.com/
Frame ID: 097CCEA37D27AEA4E0C864ACEBA3C33B
Requests: 59 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0C9E6C324351B7772B20407A3DAFC10C
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Frame ID: 230FE97B064D751527EF003F15AE9775
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Test and Keep the Dettol package worth $250

Page URL History Show full URLs

http://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502 HTTP 307
https://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502 HTTP 302
https://znqroot.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502&ckmguid... HTTP 302
https://us-dtltk-tp.foryoupromo.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

63
Requests

98 %
HTTPS

31 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

1586 kB
Transfer

3442 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://foryoupromo.com/us/about-us/
Title: About us

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/terms-of-use/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://customercare.today/us/
Title: Opt-out of data sale

Search URL Search Domain Scan URL

URL: https://foryoupromo.com/us/official-rules/
Title: Official rules

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502 HTTP 307
https://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502 HTTP 302
https://znqroot.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502&ckmguid=833053eb-901a-4a55-903a-1dec7af82918 HTTP 302
https://us-dtltk-tp.foryoupromo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
us-dtltk-tp.foryoupromo.com/
Redirect Chain

http://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502
https://frstafflinks.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502
https://znqroot.com/?a=1313&oc=34976&c=67447&m=7&s1=172627&s3=soi&s2=1537871337&s4=22502&ckmguid=833053eb-901a-4a55-903a-1dec7af82918
https://us-dtltk-tp.foryoupromo.com/

72 KB
9 KB

517ms
250ms

Document
text/html

2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: bd5a8bf01b18579835da62a4f99c3296d28e6d42e2c7d661fc0f7f04e580c732

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=3600, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a032fc52d8371d0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 21:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh9%2FtxYaubkt3ZzSCQLPq3gzpgjKzg72b0x%2BwYYr8rSnhGFTEn%2FxD0PJVvqiKE9sh1QbryVc71RNh%2BchCDIULk1QKLbNjS8cDDjwxZnScugCRdtkHMjHLTReC8dF7xMDtD778awZMo3GQqS1oYGET3ddNZqWSco%2FTN8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
x-powered-by: Next.js

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 226
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jul 2024 21:32:21 GMT
Location: https://us-dtltk-tp.foryoupromo.com/#/?reqid=2318280045&oid=28865&a=1313&cid=560269&s1=172627
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 450880b54a3d9a28.css
us-dtltk-tp.foryoupromo.com/_next/static/css/ 114 KB
20 KB 56ms
55ms Stylesheet
text/css 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/css/450880b54a3d9a28.css
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a993ce3d266f5930e6fea3968856467f7b02ccb315c63f3f1174832bd56783d0

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1c784-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkCFSItXeB4cwspq08NrQZYDM1ednX4B8lfoh04m3LREK3ygE1Arp4mipv0T0%2FLbXLRg4Wq7CbhJvupRJTrBCgSfXD4zOBAER%2F0juO1VRTRu4FnZRvJP%2B4OVz11RhlZgnHCxdpSXu4JiC8HpkU8ZVs8hc5Ie%2FN81UTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc6ef8671d0-FRA

GET
H2 200 webpack-82f5895db053527f.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 6 KB
3 KB 63ms
63ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a75661183e6662579e09e9fe34ef864e23a80b3f63224a7a3b78e22d99a904

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1840-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wViXdK%2FVvQQKUlV2Zl4wh%2FxMzT71jGQ%2Fi2QXskPeVcxIWiycZNOLOJo42EAwlU3871raa3szLr8dyVrwJXbPMJ2jl6M5FKTX7vSnm2N2TNEelGvU2tUXPu4l1B8UZrwbZIARMaH6PbSATkkFRGoraywd6uhmZD9Jrc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc6ef8771d0-FRA

GET
H2 200 framework-92a422f151f77ddb.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 138 KB
45 KB 52ms
52ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/framework-92a422f151f77ddb.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"226b9-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zayo3FeuWpsp0M6Jkutv%2B9SAJaPrDk%2BL%2Bbpa2VtE41zEkOb8ifhor1lfCYdvPGy6ySbEj38%2BqRbUJf%2FxKsPkpxxWbFZjluwZfAKsQQpGEZrRx4v7hj0WLmG2bnFQrhpi%2B%2FsxoEsW9Dmipudp1nHzM0RQbW3QD%2BVRS%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7a86971d0-FRA

GET
H2 200 main-3ddcad86c0b8c094.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 124 KB
37 KB 54ms
51ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1ee6b-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGf5MJFk1%2BtfPan6GZVX%2B8Fp47uYiOwy4RGO880IT7R7l7YyQg8om83eRSDLPCPzkDUq3B3sxnufEM%2FVEjipdnAIcgvCmi29DZeJzyvYf%2BCppW1vQu2Otz4HzKChV3ELHCqA492YnKHme6MG8N8cgapaM4G1z7hmXGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b87971d0-FRA

GET
H2 200 _app-6ee37364e45a4389.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/ 305 KB
89 KB 346ms
343ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/_app-6ee37364e45a4389.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43141b69c022a49aa784a5000800afe835462eb19f5ec9c2ba2d27797f3d3881

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"4c402-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NMfY4EodODF272Uy%2Bxx6fslv0efmXqGgD9%2Bth%2BNiof3qz9SDx%2FguXFFrb0L5j5aaWolVTmjMDPVWpCFLods61RshxTwjgSPh06BU3%2Bu4ycXK8C61%2FwH5WWg%2BzEaWOQWrSdbcgpyHyTImd17Lhf5vRr6rbp7lLzLyGX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b87d71d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 b637e9a5-445986cafd87aa11.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 85 KB
30 KB 343ms
341ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/b637e9a5-445986cafd87aa11.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"152b1-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZyAZhnwyuuA27bf%2BwhS0EMmBkEq%2B5aJHJfLVXe54RGml2MZnsCU325B%2BitnY7%2FV7cnMzemtIzpEXOrdhIs14%2BNVczllyNLHPfd%2BkMizkuxrWFr7igY9IXGoeYXbIhb%2BrBFh3JKcGTZg%2BmuqSIGCLTeFZmFBadrhBgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b88171d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 4870-ffe4bae46444420d.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 357 KB
113 KB 341ms
339ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/4870-ffe4bae46444420d.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"59508-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BrvzuAYsQcntCtOC0J9j6xiNj7OdxbhgNXe0S9PGMOaEz7ye%2F2x0Ouz9tHFz6r4a30H16RQ7ie19RkyBm5ocFfA0sxRhDBC%2FNvjxoPaqQSLFt9p7goxKDEn97MllJOYnmg6obsLF%2FXxor1TZd0FcBOdgr7BQrakC3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b88471d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 %5Blandingpage%5D-785710ab08e7cb05.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/landingpages/ 89 KB
21 KB 329ms
327ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/landingpages/%5Blandingpage%5D-785710ab08e7cb05.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcfb1bcc951112abcd5f1878b47e6e5f0e122961f3102ce4d0af03430b20c898

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"16475-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2u0ErjYjk97KwWEASjrBpiF4rhqao%2FHhG6psdfLKGInI93o%2Bdqzb2jxCarYVEO1OFrnF5yrtvImRzgdXqLy0fFSXp9ktrsW%2FhpldY%2F9PbN5lfkFVfyQU%2FE4XVJiVnBLTBKjN%2BqF1QxSlbjYY1%2FlaIcXeEVASp3mdf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b88671d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 _buildManifest.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/2PzxG3130YLqXqnhGbFhk/ 649 B
661 B 264ms
262ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/2PzxG3130YLqXqnhGbFhk/_buildManifest.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f1f650f9b6d36d8cea53b3e92adbe03d44204b8e226ebb1f966724c9ddb8079

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"289-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgOLRRh2aHcjyHjmUwb68g6k9900NlGHdPoznS0anZ32G8ikdybSqA4N8YepTVtaNshPIykm3Wa5tJvlsvW4BHM6tnvNEzebGMPuTcnx3gh51bPPz%2FaANiD6BX25fiLuKjEBDoKklK9%2B3N0XhD40r5SFqhflrij8zMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b88771d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 _ssgManifest.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/2PzxG3130YLqXqnhGbFhk/ 119 B
422 B 360ms
359ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/2PzxG3130YLqXqnhGbFhk/_ssgManifest.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"77-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8oZipwITREd8NMKngP7DkF3abRvNS%2FvG2gbyDJfaJ74OlBvkWLoncok3b3B%2BwWgfPhqXMlDTNnchl0OqcMPevTIgrcQHuCGiqx8WS9hsqc2KQppLRuws%2FtJNHyoR44ZavyEKcFHIUmir1ak5l0BnfrCaSHZJGW7flY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fc7b88871d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 141ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/css/450880b54a3d9a28.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jul 2024 21:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 21:24:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jul 2024 21:32:23 GMT

GET
H2 200 cb1608f2.4b67b4d74d78a099.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 4 KB
2 KB 61ms
59ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/cb1608f2.4b67b4d74d78a099.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f1f-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fn%2FbXP64GOMLtg4G0vj7h2cu8K2gPMUARAqE6UkHYSFMfXcd%2FXLs0%2FTDSsd1hM%2BbynawldaX5c%2FQuryR1OvU6qgi17VO53KZEyNoSJQRMUNkd4%2FzgepU5DYh2mj8RSJ9yey%2FvFkuYNStonJSKJC%2FWKw2iKUJ3cSP34Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fcb2c9471d0-FRA

GET
H2 200 2814.600547a8c4b34b37.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 42 KB
15 KB 60ms
58ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/2814.600547a8c4b34b37.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"a81a-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueRbdnFCINmyNrxXGTnE%2F6Dk5rKxBZGlg6kco2NKPCRhmfSuOliPB2CVcm%2F%2Bv4geVuhKaQ6imP5O6s8MuUdkHz3NxlTs5oNbdAvu3%2BJC61D7JRavMC6%2B6vjYpwMCpQ3jI%2Fh4VfqC%2BfRwpWcc%2Ft6Ww6QPA2WN89aQ80U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fcb2c9671d0-FRA

GET
H2 200 ffcceef0bdb89207.css
us-dtltk-tp.foryoupromo.com/_next/static/css/ 1 KB
781 B 60ms
58ms Stylesheet
text/css 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/css/ffcceef0bdb89207.css
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"5e4-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DB9jDRfWVf5ytzZFTtaPdRC1Es5p8SfXNO5wXhIKtk4L6oeQ0dMJAOHhKoaCWfiEA1skTRHIMchyvdlgBV7%2BXL9RVx8981ne91kp7etC5xyyt7M5k2vDdACvYVoMe1TAmK339ubJ8tb1lvnWdP762SU4q%2B%2FvWYgAtEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fcb2c9271d0-FRA

GET
H2 200 4847.83426cf413b39e17.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 13 KB
5 KB 229ms
228ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/4847.83426cf413b39e17.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5387f4c5659b3534ace66e050b2bc85902e311c316ddde97d6eec057c848ec64

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"34d8-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlQRFiXbN2%2B8f9JRsQ8sxAWbV%2FvNmz3I3g63OCLOXX0k9L4%2FzTnR8YVV7eQJAimHuY6YDTE2XwEFXl7lSDjQYoIWdNIpwESq%2FzeAkuJd53O%2B0W8JEFWtFEXXKuW73Z2HprlkAmxqxI51TCjC3rAhh0t99FhiKeP7euI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fcb2c9871d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/ 251 KB
89 KB 325ms
230ms XHR
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/_app-6ee37364e45a4389.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 1bbc24fac90ef650e13447c77ae660edbf7ad153dae92dd89449c9bedb68f902

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0DdnFiCl7%2F5owY60Rjfu7BA2oy22aF4mqmIf%2FCYEdYEJ0ypoQjWa4nXwZQ1MZBLpZubyPSgtRS11f69sQJkha%2F3xG7l27VVL1hjfmtbhEb8bPZFVyzJ2Gv0kEZDVqHSOJPFlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-dtltk-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 8a032fccbecc5d5d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_ads.json/ 450 KB
118 KB 281ms
186ms XHR
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_ads.json/
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/_app-6ee37364e45a4389.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: ad483736965c9aec4a3b62f9bccf6a944a683c4ffbc3836a08dada1f078faef6

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WP0ZQxnM6OJ6q50M%2B%2B3CPX%2BNKnf2%2FYGZkqeKHAx3Ik0SSLOgRReycv7iIFnqpEhN7fF4wEjkgeJgFjM6yvC2WI7tjriG0jRrzh%2FXj%2FR2Th713w22yuCPSxaTEDNkzfcDpBNmBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-dtltk-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 8a032fccbec95d5d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/ 21 KB
5 KB 368ms
273ms XHR
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpapi.d-promo.com/survey/getSurveyData/32_cosponsors.json/
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/_app-6ee37364e45a4389.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 60cbdd18ae02fa3e631da9f1e84c93cdc04f7a4cee9b773bf4091615e5f8dc1b

Request headers

Accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWUOFmbLXDcj%2BmgmkvEB8F%2BsUJ%2BZ7pyzkZS7Xnl8i1HrNhS99IBomiQim0UjdQWVCqBmP40QHZlwZJ5CJ%2BHqpO5vONKFsTdQ89tLBRO2q81KriBP30cL306pZi2RQox3f%2FCGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://us-dtltk-tp.foryoupromo.com
access-control-allow-credentials: true
cf-ray: 8a032fccbec75d5d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 undefined
us-dtltk-tp.foryoupromo.com/ 2 KB
1 KB 145ms
132ms Other
text/html 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 5d365d568a6b596021072978939cfc527de4de58a4a5c39a1ed8b20f362fa06b

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 404
x-powered-by: Next.js
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0gaLP9xqthA5x3OoTZ9psGEmzgWp9dD%2FT8siMS5gMwz120qj9%2B8il%2FU8tp3r08qV5rhbQCnaGShVZQVtKVgLLKw2cLmaxzwk46lZeiBc1ZpvDo0q6EcZ055wZ8rI6pxEokj65seNhcB%2BAqp7qItXgeTt5UzDkk03Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8a032fcb8ce671d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pushNami.js Show response
us-dtltk-tp.foryoupromo.com/scripts/ 1 KB
855 B 243ms
231ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/scripts/pushNami.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"432-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EAjaLTLr12XbUrVfwIESR7%2F7AS3%2FLsFmt4Fa8ZE%2BHcf9kh2h%2B83AV1xU5od%2B6hZ2RaxIC3V9cujL4FKHwtHp3bnsnY%2Bl35LZvUyMv35DxboNMS9uIhaV3cwpyxnsf7R8jN05I0yU7FP8UBDayegcFr%2FRmUFRhhD4qN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=14400
cf-ray: 8a032fcb8ce871d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false

16 KB
6 KB

307ms
168ms

Script
application/javascript

2600:9000:2553:1200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:2553:1200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
x-amz-version-id: USH.kGm.LW1lWf1QLkIlyNzwTMcmWmXb
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
via: 1.1 550c2239adc71d89da8c07f700c18f78.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
etag: W/"7714c59720fe363c09fbb7ada2282741"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: JmCVkyui0JlhWASQiRmeZ_fBlSzMKKQkBzvOQLtCfaSQl_-EZBVfhQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false
date: Mon, 08 Jul 2024 21:32:24 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 a62329fc-b047-95ca-1835-43098649ff47.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 684ms
577ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/pages/_app-6ee37364e45a4389.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
x-amz-version-id: .CbreCnc.Mp5ld_oVdN4pJoyDQutiv81
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: S7FSJ1E96TYK9064
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: x5zITvI0AFjXhUFmG0BOqdcipqjqfhi8WoiiFlX6X0neEe/3eVxk9qNiCb6YvZoAX/01wsIUceJijkxb9JCU+PKravdW02Hc
last-modified: Thu, 18 Jan 2024 00:52:56 GMT
server: cloudflare
etag: W/"1de8777c60debe293fbb8f8e4c4a78eb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 8a032fcc2e15916b-FRA

GET
H2 200 1626352700_dettoltest.png
im.us-imageo.com/upload/ 368 KB
369 KB 185ms
53ms Other
image/png 2606:4700:3035::ac43:becd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://im.us-imageo.com/upload/1626352700_dettoltest.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:becd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8f3453bd1fea29e5069eb684ec38917b68f72c3c4919aa3028141992242f4f

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241
alt-svc: h3=":443"; ma=86400
content-length: 376920
last-modified: Thu, 15 Jul 2021 12:38:20 GMT
server: cloudflare
etag: "60f02c3c-5c058"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXpoCTMUGTQ7Bp%2FE7GnLCnnjX1DLZpgVO5V3XXoQBDZ4sK4urhchBg%2FIVDZ3E1SkpPRfjS%2FmZCnIByA5CIIH5FrNzqz034sLWAqDikamgn7hK0DguURjWaY5F75mmkMQnSwkHrvEAWaIsVnTAKdS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8a032fcc6ece1e6a-FRA

GET
H2 200 3641.3002d920b3ccc912.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/3641.3002d920b3ccc912.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91eeb2d7da31803a9ff81305b22748f382cfcdd99421c3cde30ba24b345dca43

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"bfe-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8nohzohy9%2FNc3h50t6vOTD5ZJHKZewIG6xz64uOQoV3CSmx6yseJnaZwe4OtmxGK4vNxd5jaO4g0hq8GTgo5ShREcUZsiOHUOh5gmvU7WhCHDSN5YTObYJAwkfBGYBB0J%2B3m65hdMF9e5ZH6IweJ2ioneejEfuspXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fccae1b71d0-FRA

GET
H2 200 6384.f47c613343806cd1.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 4 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/6384.f47c613343806cd1.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fbff486932a0e42ec11d9519a14afede7325e6f9b2f51a6fbbbf225f8a69df5

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1167-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZpggRahMvclGrrMR7JZ13FXl%2BMzrGZQPd4w9V4a2i4yMmCUHlAn7XIBSEa18gESpWFKkzGzYUUT5z%2Bv%2FrGr1YSMTO86GZNj%2ByMqKg6XJexMx18d517KoNYdYKucBgnOiTJ%2BLYq6nHdEN3WtOOLgQgViCDUYLh%2FMyto%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fccae1f71d0-FRA

GET
H2 200 3426.38fe6a01b318fc64.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 7 KB
3 KB 274ms
273ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/3426.38fe6a01b318fc64.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b32316ad4590a422b8d48c79ee3461b147c8f2222a26567abdca6f35a8b459

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"1dd7-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUyjWNJ2udz8CBugF9wimtiNf32W4hCN%2BfQ5YS3Nvo4ITRf0pnsvEUyJGuPunmeZPRcUvzJ96dqiEg1KItB4JGnpaIN%2F02bLGETqyWQ%2Bzs4fGVHOkbsmvR97stMWnqhwSRnxMJJGTp%2BnNQL0o8OdrOtzw0kKvs1%2FSi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fccae2271d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 8910.a14c5ff2f5f3bf45.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 1 KB
1 KB 58ms
58ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/8910.a14c5ff2f5f3bf45.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"483-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpLvT5umueqgdQWH732k8G4zNBg1XzGj8Dyuvft7jC7Hf5Rs9rItkr0avQCXwD1x81MKxrbDgXOr7zgDhgiMnH9xt19W0nBxH%2FAFANr5ubq5HKYOjEfDuE1yvM1blqBlmU67hOuGQhaFz17ekUXAJR%2FR6pI%2BcOZj3kY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fccae2371d0-FRA

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 15 KB
16 KB 147ms
147ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=100

Requested by

Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15320
server: cloudflare
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRBMW7wxHU6vjKMNSjwjFTHv4%2B1K1Flf4rWXAHrFqciXpwRPsQCpLJNx%2BPPE2%2F8v%2B%2BD1yD%2B02Zl2aLAghhz4MYF6kuXljzgFACGowryhafZkU99i8Y%2F919kM75Wuab0F8DaJ7t2Bo2BdiQUHOEOzjNwvUHAh%2B%2Blzcr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fccae2571d0-FRA

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 83 KB
84 KB 239ms
238ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1626352700_dettoltest.png&w=640&q=100

Requested by

Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b2cf243389cdbbcf58770ddae35eadcfb9aaf75bffb5bc058bca6aa33ded2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1626352700_dettoltest.webp"
alt-svc: h3=":443"; ma=86400
content-length: 85470
server: cloudflare
etag: cLLPJDOJzbvPWHcN2uNerc+5qvdb-7W8BYvKaqM97Ss=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AujVBQSiyNqwio0lUeSIcK9GZAh5hH9w1u9A9COZXNgDOIYsEWQWt78NghKgfHeWZk2qxV155AhY3p3Y%2FbYyFDlIfBbl%2BNKqZRlVXB9u1LESpdGrutrxiyafv%2Fw1q7JsI5fHany%2FEP7XYRZP3CpwKqOlIC0CkTymIww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fccae2771d0-FRA

GET
H2 200 eafabf029ad39a43-s.p.woff2
us-dtltk-tp.foryoupromo.com/_next/static/media/ 8 KB
8 KB 54ms
54ms Font
font/woff2 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/media/eafabf029ad39a43-s.p.woff2
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/css/ffcceef0bdb89207.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/_next/static/css/ffcceef0bdb89207.css
Origin: https://us-dtltk-tp.foryoupromo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
content-length: 7900
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1edc-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxj%2FGADQG%2F10167c29CcBtSZv4Yk5dgNYgUmCwgNrd6r8anpnLpmsxNP2zL%2FD1lmuZavR1YmovMMUDmMZXSf39jkvSzyIHedsSI94WzI8COncN3pUAnzdYrVFm5WHSLYA4eTKkH%2FXoKqPzcbqsfUx%2BfnSapT8EWgW18%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a032fccae3871d0-FRA

GET
H2 200 b957ea75a84b6ea7-s.p.woff2
us-dtltk-tp.foryoupromo.com/_next/static/media/ 8 KB
8 KB 54ms
53ms Font
font/woff2 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/media/b957ea75a84b6ea7-s.p.woff2
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/css/ffcceef0bdb89207.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/_next/static/css/ffcceef0bdb89207.css
Origin: https://us-dtltk-tp.foryoupromo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
age: 84540
x-do-orig-status: 200
alt-svc: h3=":443"; ma=86400
content-length: 7848
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1ea8-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8Lv0xSjnea0uMJyMEaR6yrXTTIlLRN6Iz9IrGvVlhag%2FoMmyIvt49rstnVoAy9ZxJetwLqTZFoGlqmb13Zu7vmaAzhPcB3eYocKoY2%2BXj8%2Ba7Np%2B5C7mcEoPx6TbOXiGJlKCo2wWsQKq8x1Gr1q8wLCuesRaWQAPhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a032fccbe3f71d0-FRA

GET
H2 200 62a7807cf9e9090013c65cc7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 101 KB
21 KB 189ms
67ms Script
application/javascript 18.66.218.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/scripts/pushNami.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.218.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-218-121.mxp63.r.cloudfront.net
Software: /
Resource Hash: f8270aa8b94aeac4990049ae0d51cbe9d1b8a46ed69f42f591fd39921619ccf7

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:30:48 GMT
content-encoding: gzip
via: 1.1 5576e726d4446929d8b18e821340e0b2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P2
age: 96
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: V9bebh82yMeaA-dJkBQT64z29C7qUT8JHgttCzn_E6SoaYkJ49xYFg==

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 15 KB
15 KB 236ms
235ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=100

Requested by

Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/main-3ddcad86c0b8c094.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15320
server: cloudflare
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Sisbx%2BTKzHMglbMWR64Z43We6rWTFRLirObFaNLqp1pWsRRENKSlNqp%2FoV%2BgwtQYIaNtBxB%2BBwVpVrddLmf2SbXXTubHxKHZ3vl14JvIxV7mgf2h8eAKI0X7dfdo0x0PPHbKvpke0qx6f1dK4kDFybVvTYrnqV%2BLDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fcd1ea971d0-FRA

GET
H2 200 fcm-v1-module.019781ec7a1c97363e85.bundle.js Show response
cdn.pushnami.com/js/modules/ 46 KB
15 KB 181ms
55ms Script
application/javascript 108.138.199.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/fcm-v1-module.019781ec7a1c97363e85.bundle.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.199.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-199-121.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DKNNXfrKVNQFoskvuTtbaAOVbVs0JYVO
content-encoding: gzip
via: 1.1 b28067dcf0cd83a34da216e94df8ba72.cloudfront.net (CloudFront)
date: Mon, 08 Jul 2024 20:55:12 GMT
last-modified: Fri, 10 May 2024 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P2
age: 2233
x-amz-server-side-encryption: AES256
etag: W/"09467cbbdfbe0b4f7131476215348a19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _HBiEqW5hz5ZPwfm2oXqwVl8Aw1HUSxPiP_4SSFnMbQpcKOCTdja9w==

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 0C9E 0
0 142ms
48ms Document
text/html 18.66.218.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.218.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-218-107.mxp63.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1475
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 21:07:49 GMT
vary: accept-encoding
via: 1.1 75e36ac0b9d37c457faf66194257e560.cloudfront.net (CloudFront)
x-amz-cf-id: nT2L2ABjl4ihrV4lGfS92O3OgfJIZPD-Pnnq_vkzNOAvs7-NhwLPvg==
x-amz-cf-pop: MXP63-P2
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H2 200 7569.803336c3a23c48c4.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 13 KB
4 KB 292ms
292ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/7569.803336c3a23c48c4.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"3492-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGWlyMk%2B2l5ng2d5Tu12T8ZPqjd3TCLiIbRhd0Jf4neFnUZp3ZnBpbVf3E5splbdqGHPBpMRCF7VR26L3HlO%2Fnv8mSP5%2BB562nW77wqivdAYkyugBTNzOMSmMHwtdsXfV6n71pvMSFeM8W%2F1fKP4w50bUHoQztaAd0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fce681a71d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2273.d29b96049463d5e4.js Show response
us-dtltk-tp.foryoupromo.com/_next/static/chunks/ 4 KB
2 KB 235ms
235ms Script
application/javascript 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/2273.d29b96049463d5e4.js
Requested by: Host: us-dtltk-tp.foryoupromo.com
URL: https://us-dtltk-tp.foryoupromo.com/_next/static/chunks/webpack-82f5895db053527f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd227f0d7191499443b6585dcb31e46e90f8322ea64483f59d44c3f096ad6b3

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
etag: W/"107c-49773873e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5j3lV2oFkPpbG2CXpWASOI1oCENhruhh6yfgET%2FlwbDKF%2FHPbPpoB5J7IiBffB51s74BkqwG6y%2F0jcVOu9CiBHu0OwncVStn4cjTDwhB8cML0yxg55q3%2FRFyue2QWWUXaQlT3nqiY1pnkjAg3RdLCiKSP82GKOtC5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
server: cloudflare
cache-control: public, max-age=31536000, immutable
cf-ray: 8a032fce681e71d0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js Show response
cdn.pushnami.com/js/exp/ 332 KB
333 KB 58ms
58ms Script
application/javascript 108.138.199.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.199.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-199-121.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: fqZJi451IsZ4b9ZE97VT.DK035kcgAxw
content-encoding: utf-8
via: 1.1 b28067dcf0cd83a34da216e94df8ba72.cloudfront.net (CloudFront)
date: Mon, 08 Jul 2024 21:18:20 GMT
x-amz-cf-pop: MXP64-P2
age: 847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 339910
last-modified: Tue, 04 Jun 2024 21:56:41 GMT
server: AmazonS3
etag: "66394b4fbb861428f8db13d2f7ac0aab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: mw3PGTy9hqycm8gBUT2SP9CcozfCWsk807W_WajwK5JWYEMLEsR4vw==

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 359ms
121ms XHR
application/json 54.146.25.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.146.25.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-25-28.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 22d47f2be61755a3fc78da16bba9abb1cef91945366468e1a0a25845d42f1ddc

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

POST
H2 200 GenerateToken Show response
create.leadid.com/2.12.1/ 36 B
981 B 423ms
307ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=1f74ce3a-9048-41fc-b961-df5ad2333e4f&_=558510966

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

86a9da6d65e3c2caa229204a266fd9497a504aab28194245074e21b3258ad77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-260570411-260570422 NNNY CT(96 96 0) RT(1720474344747 41) q(0 0 0 0) r(0 3) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 158 B
616 B 144ms
144ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=%2Fimages%2FgreaterThan.png&w=16&q=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="greaterThan.webp"
alt-svc: h3=":443"; ma=86400
content-length: 158
server: cloudflare
etag: XDiUxnOtomZFH-O1zHX65Dz6Dx4HWgDtTAn1Pf38hwM=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iH8mPJFMCSxdeEUIk62eklLPF%2BzxfSYEUqLbtWvIoIAvnT1dZuCH0id9IMhK6chsFq%2F%2BNG08Ka0D%2BYqwDakOm3blKP2CT1g0dfOni2w3l28CG8hSWBEMwKnlR3JM9HnUzuRIxgxON8F0ezfUIm0V5znBTIHkdTL9aEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=60, must-revalidate
cf-ray: 8a032fd04a3a71d0-FRA

GET
H2 200 trustedform-1.9.17.js Show response
cdn.trustedform.com/ 94 KB
36 KB 52ms
52ms Script
application/javascript 2600:9000:2553:1200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17204743442190.7547285813764475&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2553:1200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: yPCS4iNdfsh5BqX6qtsN5d5eM3wY99Uk
content-encoding: gzip
via: 1.1 550c2239adc71d89da8c07f700c18f78.cloudfront.net (CloudFront)
date: Mon, 08 Jul 2024 21:32:15 GMT
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P5
age: 11
etag: W/"8bed3069af20b4729a119828224df24b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ESzgjcsGM9xGA55GUFoFGS-PAHaj5EMiaxG3_i9y4LKnKCLyuqAVfg==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/ 0
159 B 124ms
121ms XHR
text/plain 54.146.25.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.146.25.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-25-28.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:25 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/ 0
159 B 126ms
122ms XHR
text/plain 54.146.25.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.146.25.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-25-28.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:25 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 15 KB
0 1ms
1ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=640&q=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15320
server: cloudflare
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRBMW7wxHU6vjKMNSjwjFTHv4%2B1K1Flf4rWXAHrFqciXpwRPsQCpLJNx%2BPPE2%2F8v%2B%2BD1yD%2B02Zl2aLAghhz4MYF6kuXljzgFACGowryhafZkU99i8Y%2F919kM75Wuab0F8DaJ7t2Bo2BdiQUHOEOzjNwvUHAh%2B%2Blzcr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fccae2571d0-FRA

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 83 KB
0 2ms
1ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1626352700_dettoltest.png&w=640&q=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b2cf243389cdbbcf58770ddae35eadcfb9aaf75bffb5bc058bca6aa33ded2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1626352700_dettoltest.webp"
alt-svc: h3=":443"; ma=86400
content-length: 85470
server: cloudflare
etag: cLLPJDOJzbvPWHcN2uNerc+5qvdb-7W8BYvKaqM97Ss=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AujVBQSiyNqwio0lUeSIcK9GZAh5hH9w1u9A9COZXNgDOIYsEWQWt78NghKgfHeWZk2qxV155AhY3p3Y%2FbYyFDlIfBbl%2BNKqZRlVXB9u1LESpdGrutrxiyafv%2Fw1q7JsI5fHany%2FEP7XYRZP3CpwKqOlIC0CkTymIww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fccae2771d0-FRA

GET
H2 200 image
us-dtltk-tp.foryoupromo.com/_next/ 15 KB
0 2ms
2ms Image
image/webp 2606:4700:3030::6815:4ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-dtltk-tp.foryoupromo.com/_next/image?url=https%3A%2F%2Fim.us-imageo.com%2Fupload%2F1561383747_yellow-banner-en.png&w=1920&q=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:32:24 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin: 4c1fccf3-103a-472c-9b64-c862664ac86d
x-do-orig-status: 200
x-nextjs-cache: HIT
content-disposition: inline; filename="1561383747_yellow-banner-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15320
server: cloudflare
etag: pT7vigOrmEuPvif1yFvQ2ifFq3YX1OGtziThvzEnEOA=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Sisbx%2BTKzHMglbMWR64Z43We6rWTFRLirObFaNLqp1pWsRRENKSlNqp%2FoV%2BgwtQYIaNtBxB%2BBwVpVrddLmf2SbXXTubHxKHZ3vl14JvIxV7mgf2h8eAKI0X7dfdo0x0PPHbKvpke0qx6f1dK4kDFybVvTYrnqV%2BLDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a032fcd1ea971d0-FRA

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 230F 0
0 169ms
53ms Document
text/html 3.162.40.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.40.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-40-41.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 61560
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 08 Jul 2024 04:26:39 GMT
Etag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 5e9eaa4dae17f466e627d76765f5de64.cloudfront.net (CloudFront)
X-Amz-Cf-Id: _EcaL3QZcqpMduZPhSY4Vdw6djHOw-SufEY-3-M63wMfIiYIwXOHDw==
X-Amz-Cf-Pop: CDG52-P6
X-Cache: Hit from cloudfront
X-Cdn: Imperva
X-Iinfo: 12-17605595-17605598 NNNN CT(94 96 0) RT(1720239977562 5) q(0 0 2 0) r(3 3) U24

POST
H2 200 SaveDom Show response
create.leadid.com/2.12.1/ 0
733 B 345ms
343ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=1f74ce3a-9048-41fc-b961-df5ad2333e4f&token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&_=558510967

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-260570411-260570465 NNNN CT(99 99 0) RT(1720474344747 374) q(0 0 2 0) r(3 3) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
721 B 150ms
149ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=1f74ce3a-9048-41fc-b961-df5ad2333e4f&token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&_=558510968

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 21:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-260570411-260570422 PNNy RT(1720474344747 374) q(0 0 0 3) r(1 1) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/ 0
159 B 120ms
119ms Ping
text/plain 54.146.25.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.146.25.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-25-28.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:25 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
757 B 875ms
825ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=4&pid=1f74ce3a-9048-41fc-b961-df5ad2333e4f&token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&_=558510969

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 21:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-260570411-260570487 NNNY CT(93 93 0) RT(1720474344747 646) q(0 0 0 0) r(0 9) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 61 B
221 B 121ms
119ms Fetch
application/json 44.202.21.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.126.1_1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-192.compute-1.amazonaws.com
Software: / Express
Resource Hash: a3f7b1c9ee99f49eb04aee501012696c9a4f2c94cc01ac3d55785edf66a1852f

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/octet-stream

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
x-powered-by: Express
content-length: 61
etag: W/"3d-JcB41e4hTvKzTNnL8dKkzurNY6U"
content-type: application/json; charset=utf-8

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 418ms
123ms Preflight 44.202.21.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-192.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us-dtltk-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
732 B 1282ms
1257ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=5&pid=1f74ce3a-9048-41fc-b961-df5ad2333e4f&token=705C5CDC-9CE4-90E0-9124-D1829DBFB99E&_=558510970

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 21:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-260570411-260570511 NNNY CT(94 95 0) RT(1720474344747 1117) q(0 0 0 0) r(0 13) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/ 0
159 B 125ms
122ms XHR
text/plain 54.146.25.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/d2292f16245146ac998f435985510aebe44458a5/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.146.25.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-25-28.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 214ms
213ms Fetch
text/html 44.202.21.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-192.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 117ms
117ms Preflight 44.202.21.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.202.21.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-21-192.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://us-dtltk-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 check
fpc.pushnami.com/psfp/f9918324-0b81-4beb-acaa-8d45fff97e5f/ 0
0 418ms
127ms Fetch 3.215.118.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/f9918324-0b81-4beb-acaa-8d45fff97e5f/check?websiteId=62a7807cf9e9090013c65cc6&psfpv4=875d5090-cbd2-54b0-b23f-3945515ca3a1
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.118.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-118-54.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://us-dtltk-tp.foryoupromo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:26 GMT
content-length: 0
vary: Origin
x-request-id: Ihx091nCFNE1YA2b9SffhvkCh05g6rmB

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 372ms
117ms Preflight 3.218.59.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.59.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-59-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://us-dtltk-tp.foryoupromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 08 Jul 2024 21:32:27 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 144ms
142ms Fetch
text/html 3.218.59.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.59.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-59-242.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:27 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 119ms
117ms Fetch
text/html 3.218.59.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62a7807cf9e9090013c65cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.59.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-59-242.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://us-dtltk-tp.foryoupromo.com/
key: 62a7807cf9e9090013c65cc7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 21:32:28 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znqroot.com/	1969-12-31 23:59:59	Name: sid Value: WaUl7ori83aYQ5JAo7I/wTF/KB/yrsPcWoDlYAaobR1ZshlSrOEkKA==
.znqroot.com/	1970-01-21 07:30:34	Name: trk Value: +m0EBmeR3Z5qB+V8gBa7YjF/KB/yrsPcWoDlYAaobR1ZshlSrOEkKA==
.znqroot.com/	1970-01-20 21:57:27	Name: c28865 Value: WaUl7ori83bSm/TVCTuXDkMo3X4mEj0xrE5YJ6UiPm8p0xs3iRZxxg==
us-dtltk-tp.foryoupromo.com/	1970-01-20 21:54:35	Name: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47 Value: 705C5CDC-9CE4-90E0-9124-D1829DBFB99E
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: ONesNfNcOE9UAw5vC30iGwAAAADD6NFPRuCJpb+LYw3LOmLl
.trueleadid.com/	1970-01-21 06:38:48	Name: visid_incap_3051494 Value: c6nX2IzeSnCzasFho6d99+lajGYAAAAAQUIPAAAAAAC/B5kBDLgduf54aIQOhd38
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_8077_3051494 Value: YkpoBtqPgkYsH6/kyUQXcOlajGYAAAAAFZDBBRU5oLQyCIA5bKePAQ==
.deviceid.trueleadid.com/	1970-01-21 07:30:34	Name: uuid Value: 465887b2741b482bbea17348e552f7f6
.leadid.com/	1970-01-21 06:38:48	Name: visid_incap_3079785 Value: i2wfi4JJSU+lVwl7nalozelajGYAAAAAQUIPAAAAAAC0VzCWGogM+b1OExd9MSd0
.leadid.com/	1969-12-31 23:59:59	Name: nlbi_3079785 Value: otkuOcYDh3Ga55qroCxIyQAAAADiuCxYEkqJ3h2vhGuSBLKx
.leadid.com/	1969-12-31 23:59:59	Name: incap_ses_8077_3079785 Value: QhCOTpQgBW9LH6/kyUQXcOpajGYAAAAAxC3zzABwFCmuhHlHkN086g==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us-dtltk-tp.foryoupromo.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://us-dtltk-tp.foryoupromo.com/#/?reqid=2318280045&oid=28865&a=1313&cid=560269&s1=172627 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
api.trustedform.com
cdn.pushnami.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fpc.pushnami.com
frstafflinks.com
im.us-imageo.com
lpapi.d-promo.com
psp.pushnami.com
trc.pushnami.com
us-dtltk-tp.foryoupromo.com
znqroot.com
108.138.199.121
18.66.218.107
18.66.218.121
188.114.96.3
2600:9000:2553:1200:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700:3030::6815:4ebc
2606:4700:3035::ac43:becd
2a00:1450:4001:81c::200a
3.162.40.41
3.215.118.54
3.218.59.242
34.248.213.119
44.202.21.192
45.223.19.68
54.146.25.28
1972ad39bab3c8f1331e288e27e211c34b421bdd275cf6d126a0630d2027683f
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
1bbc24fac90ef650e13447c77ae660edbf7ad153dae92dd89449c9bedb68f902
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169
1fd227f0d7191499443b6585dcb31e46e90f8322ea64483f59d44c3f096ad6b3
22d47f2be61755a3fc78da16bba9abb1cef91945366468e1a0a25845d42f1ddc
3173a996da5d9c0d9c981e92a33d3213387392e5af5b395546f23dedb2e39f38
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
43141b69c022a49aa784a5000800afe835462eb19f5ec9c2ba2d27797f3d3881
457b799d17a3c96d2bd5d8cea31f1329934862663740f0bc6807b1e4a9997a12
5387f4c5659b3534ace66e050b2bc85902e311c316ddde97d6eec057c848ec64
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9
5c3894c673ada266451ff3b5cc75fae43cfa0f1e075a00ed4c09f53dfdfc8703
5d365d568a6b596021072978939cfc527de4de58a4a5c39a1ed8b20f362fa06b
5fbff486932a0e42ec11d9519a14afede7325e6f9b2f51a6fbbbf225f8a69df5
60cbdd18ae02fa3e631da9f1e84c93cdc04f7a4cee9b773bf4091615e5f8dc1b
61a75661183e6662579e09e9fe34ef864e23a80b3f63224a7a3b78e22d99a904
6ccf543350d6a4c5910bb8557058274fc37430426790eef4df9c1bf9aea667cd
70b2cf243389cdbbcf58770ddae35eadcfb9aaf75bffb5bc058bca6aa33ded2b
78c90f94b3117eb4f1ebf0a6f361bcb24775075080dd1b92b7d488c5a83cc6bf
7d74bdd6d4a41d352668bd82d267ab63420ecf7e805d0bc55ed885bb26789b72
7f1f650f9b6d36d8cea53b3e92adbe03d44204b8e226ebb1f966724c9ddb8079
808eb1aa1ec1ee07e101b17e80454b47790ca3ad7079a19bf31edd6152fea2f2
86a9da6d65e3c2caa229204a266fd9497a504aab28194245074e21b3258ad77e
8bca92b278d68953e3f3e9bd23b31caabd8f3286f2ffc6c72239db68b7e02377
91eeb2d7da31803a9ff81305b22748f382cfcdd99421c3cde30ba24b345dca43
93b32316ad4590a422b8d48c79ee3461b147c8f2222a26567abdca6f35a8b459
9d8f3453bd1fea29e5069eb684ec38917b68f72c3c4919aa3028141992242f4f
9f8286214f7f23287908ec2c6da7f8ea5ed67fef0bd3a7d70eead2411033b8dd
a3f7b1c9ee99f49eb04aee501012696c9a4f2c94cc01ac3d55785edf66a1852f
a53eef8a03ab984b8fbe27f5c85bd0da27c5ab7617d4e1adce24e1bf312710e0
a993ce3d266f5930e6fea3968856467f7b02ccb315c63f3f1174832bd56783d0
ad483736965c9aec4a3b62f9bccf6a944a683c4ffbc3836a08dada1f078faef6
b41d7402cbdab32acba31cfdd479730c74b7527fa7c881b0486098bd1a895607
bb9f4f94a17e3726e2a7feaa2d2bff01b52a814ef269f8bea7c051e602efe3b2
bd5a8bf01b18579835da62a4f99c3296d28e6d42e2c7d661fc0f7f04e580c732
c085969288e366f115fd6ba1c93ce5c3ffecb65f6298a770385e192872f96252
e1ab66a7491b6307e5fdc14fbd5b0de4ecac697c38c3ef15ff140b976dc00720
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e821beaa30c8849331b42d715e3b019cd97633fb3bad5aa3dfc3a6ba2f586898
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f8270aa8b94aeac4990049ae0d51cbe9d1b8a46ed69f42f591fd39921619ccf7
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151
fcfb1bcc951112abcd5f1878b47e6e5f0e122961f3102ce4d0af03430b20c898

us-dtltk-tp.foryoupromo.com Open in urlscan Pro 2606:4700:3030::6815:4ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

31 %IPv6

11 Domains

16 Subdomains

16 IPs

4 Countries

1586 kBTransfer

3442 kBSize

11 Cookies

5 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us-dtltk-tp.foryoupromo.com Open in urlscan Pro
2606:4700:3030::6815:4ebc Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

31 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

1586 kB
Transfer

3442 kB
Size

11
Cookies

63 HTTP transactions
1 data transactions