freesamplesprousa.com Open in urlscan Pro
138.197.231.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://f0undlth3r3.link/xyjfC2Cx
Effective URL:
https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&tran...
Submission: On November 09 via manual (November 9th 2022, 9:50:34 pm UTC) from US — Scanned from US

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 1 countries across 23 domains to perform 81 HTTP transactions. The main IP is 138.197.231.234, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is freesamplesprousa.com. The Cisco Umbrella rank of the primary domain is 283290.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.

This is the only time freesamplesprousa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
2	34.197.139.22 34.197.139.22	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.120.91.40 34.120.91.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.198.147.111 34.198.147.111	14618 (AMAZON-AES) (AMAZON-AES)
15	138.197.231.234 138.197.231.234	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	104.26.0.125 104.26.0.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2b54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.22.23.67 52.22.23.67	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
3	100.24.222.39 100.24.222.39	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.29.79 108.139.29.79	() ()
1	18.164.115.171 18.164.115.171	() ()
1	52.73.153.179 52.73.153.179	() ()
1	151.101.2.137 151.101.2.137	() ()
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	() ()
2	2600:141b:500... 2600:141b:5000::17df:9d92	() ()
1	18.164.124.11 18.164.124.11	() ()
1	162.247.241.14 162.247.241.14	() ()
2	44.193.168.200 44.193.168.200	() ()
5	34.111.96.116 34.111.96.116	() ()
1	2600:1901:0:c... 2600:1901:0:cba2::	() ()
1	67.202.7.197 67.202.7.197	() ()
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	() ()
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	() ()
2	107.20.156.243 107.20.156.243	() ()
1	2001:4860:480... 2001:4860:4802:32::181	() ()
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	() ()
1	2607:f8b0:400... 2607:f8b0:4006:81f::2004	() ()
81	28

1 52.21.33.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

f0undlth3r3.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.139.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-139-22.compute-1.amazonaws.com

innerbagepizona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.91.40 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.91.120.34.bc.googleusercontent.com

www.rg5dxbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.147.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-147-111.compute-1.amazonaws.com

imtrk.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 138.197.231.234 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

freesamplesprousa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.26.0.125 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.freesamplesprousa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b54 (United States)

ASN13335 (CLOUDFLARENET, US)

gls.cap-cloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.22.23.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-23-67.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 100.24.222.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-222-39.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.79 (None, )

ASN- ()

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.115.171 (None, )

ASN- ()

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.153.179 (None, )

ASN- ()

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (None, )

ASN- ()

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:5000::17df:9d92 (None, )

ASN- ()

pxlgnvwe-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.11 (None, )

ASN- ()

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (None, )

ASN- ()

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.168.200 (None, )

ASN- ()

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.96.116 (None, )

ASN- ()

dts.gnvwe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:cba2:: (None, )

ASN- ()

dts6.gnvwe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.7.197 (None, )

ASN- ()

fpc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (None, )

ASN- ()

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.156.243 (None, )

ASN- ()

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (None, )

ASN- ()

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	freesamplesprousa.com freesamplesprousa.com — Cisco Umbrella Rank: 283290 assets.freesamplesprousa.com — Cisco Umbrella Rank: 664302	2 MB
9	leadid.com create.leadid.com — Cisco Umbrella Rank: 23024	6 KB
6	gnvwe.com dts.gnvwe.com dts6.gnvwe.com	1 KB
6	pushnami.com api.pushnami.com psp.pushnami.com fpc.pushnami.com trc.pushnami.com	2 KB
4	anura.io script.anura.io — Cisco Umbrella Rank: 75797 ads.anura.io	21 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	doubleclick.net stats.g.doubleclick.net	374 B
2	google.com analytics.google.com www.google.com	852 B
2	google-analytics.com www.google-analytics.com	20 KB
2	akamaihd.net pxlgnvwe-a.akamaihd.net	37 KB
2	googletagmanager.com www.googletagmanager.com	160 KB
2	innerbagepizona.com innerbagepizona.com	1 KB
1	googleoptimize.com www.googleoptimize.com	42 KB
1	nr-data.net bam.nr-data.net	522 B
1	newrelic.com js-agent.newrelic.com	14 KB
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 38436	39 KB
1	cap-cloud.co gls.cap-cloud.co — Cisco Umbrella Rank: 409035	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	go2cloud.org 1 redirects imtrk.go2cloud.org — Cisco Umbrella Rank: 407221	2 KB
1	rg5dxbl.com 1 redirects www.rg5dxbl.com	459 B
1	f0undlth3r3.link 1 redirects f0undlth3r3.link	614 B
81	23

	Domain	Requested by
18	assets.freesamplesprousa.com	freesamplesprousa.com assets.freesamplesprousa.com
15	freesamplesprousa.com	freesamplesprousa.com assets.freesamplesprousa.com
9	create.leadid.com	freesamplesprousa.com deviceid.trueleadid.com
5	dts.gnvwe.com	pxlgnvwe-a.akamaihd.net freesamplesprousa.com
3	script.anura.io	assets.freesamplesprousa.com freesamplesprousa.com
3	fonts.gstatic.com	fonts.googleapis.com
2	stats.g.doubleclick.net	www.googletagmanager.com freesamplesprousa.com
2	trc.pushnami.com	freesamplesprousa.com
2	www.google-analytics.com	www.googletagmanager.com freesamplesprousa.com
2	psp.pushnami.com	freesamplesprousa.com
2	pxlgnvwe-a.akamaihd.net	assets.freesamplesprousa.com pxlgnvwe-a.akamaihd.net
2	www.googletagmanager.com	assets.freesamplesprousa.com www.googletagmanager.com
2	innerbagepizona.com
1	www.google.com
1	analytics.google.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fpc.pushnami.com	freesamplesprousa.com
1	dts6.gnvwe.com
1	bam.nr-data.net	js-agent.newrelic.com
1	api.pushnami.com	freesamplesprousa.com
1	js-agent.newrelic.com	freesamplesprousa.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	ads.anura.io	freesamplesprousa.com
1	create.lidstatic.com	assets.freesamplesprousa.com
1	gls.cap-cloud.co	freesamplesprousa.com
1	fonts.googleapis.com	freesamplesprousa.com
1	imtrk.go2cloud.org	1 redirects
1	www.rg5dxbl.com	1 redirects
1	f0undlth3r3.link	1 redirects
81	30

This site contains links to these domains. Also see Links.

Domain
privacyportal.onetrust.com

Subject Issuer	Validity	Valid
innerbagepizona.com R3	`2022-11-01` - `2023-01-30`	3 months	crt.sh
freesamplesprousa.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-20` - `2023-04-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
create.leadid.com Amazon	`2022-09-21` - `2023-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
script.anura.io Amazon	`2022-05-24` - `2023-06-22`	a year	crt.sh
ads.anura.io Amazon	`2022-06-29` - `2023-07-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
dts.gnvwe.com GTS CA 1D4	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Frame ID: 7E407F717FB52725DD78C169BD68DA1B
Requests: 74 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Frame ID: FB7F1663631ED955A10FBDE5AB662EDC
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Frame ID: 16EF373746EB38EADACF86D3696FF1DA
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 7C690A3914A195CD297E964B75722AE6
Requests: 1 HTTP requests in this frame

Frame: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Frame ID: 95C97EC6E3315D65EE7C4E1492F8DD45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREE SAMPLE PRO USA

Page URL History Show full URLs

https://f0undlth3r3.link/xyjfC2Cx HTTP 302
https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&me... Page URL
https://innerbagepizona.com/redirect?target=BASE64aHR0cHM6Ly93d3cucmc1ZHhibC5jb20vMzc5MzJRLzJHMUZLTTQvP3... Page URL
https://www.rg5dxbl.com/37932Q/2G1FKM4/?sub2=w35nncnohp4vptbk2qdu8454 HTTP 302
https://imtrk.go2cloud.org/aff_c?offer_id=4479&aff_id=1596&&aff_sub=49&aff_sub3=b4634db43fd540caa5af273... HTTP 302
https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

81
Requests

100 %
HTTPS

40 %
IPv6

23
Domains

30
Subdomains

28
IPs

1
Countries

2039 kB
Transfer

2901 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal.onetrust.com/webform/9778300d-e8e2-4455-a4ff-488f60a54302/b92d6edd-43ea-438d-a69e-2c9f9d05f236
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://f0undlth3r3.link/xyjfC2Cx HTTP 302
https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&message_id=na&modem=nathan%3A+NE51201&port=None&phone=8013190042&utm_source=8013190042&domain=https%3A%2F%2Finnerbagepizona.com%2F9e172ca8-2d1e-459b-b7f0-befe1fabe802%3Fdevice_id%3D%7Bdeviceid%7D%26message_id%3D%7Bmessageid%7D%26phone%3D%26domain%3D Page URL
https://innerbagepizona.com/redirect?target=BASE64aHR0cHM6Ly93d3cucmc1ZHhibC5jb20vMzc5MzJRLzJHMUZLTTQvP3N1YjI9dzM1bm5jbm9ocDR2cHRiazJxZHU4NDU0&ts=1668030624231&hash=9XdhWPTepwCdWSBHyRfBH9znjdh4uHbdCOshc0IHH_4&rm=D Page URL
https://www.rg5dxbl.com/37932Q/2G1FKM4/?sub2=w35nncnohp4vptbk2qdu8454 HTTP 302
https://imtrk.go2cloud.org/aff_c?offer_id=4479&aff_id=1596&&aff_sub=49&aff_sub3=b4634db43fd540caa5af273e8b004c4e&aff_sub4= HTTP 302
https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://f0undlth3r3.link/xyjfC2Cx HTTP 302
https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&message_id=na&modem=nathan%3A+NE51201&port=None&phone=8013190042&utm_source=8013190042&domain=https%3A%2F%2Finnerbagepizona.com%2F9e172ca8-2d1e-459b-b7f0-befe1fabe802%3Fdevice_id%3D%7Bdeviceid%7D%26message_id%3D%7Bmessageid%7D%26phone%3D%26domain%3D

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

9e172ca8-2d1e-459b-b7f0-befe1fabe802
innerbagepizona.com/
Redirect Chain

https://f0undlth3r3.link/xyjfC2Cx
https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&message_id=na&modem=nathan%3A+NE51201&port=None&phone=8013190042&utm_source=8013190042&domain=h...

475 B
991 B

308ms
90ms

Document
text/html

34.197.139.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&message_id=na&modem=nathan%3A+NE51201&port=None&phone=8013190042&utm_source=8013190042&domain=https%3A%2F%2Finnerbagepizona.com%2F9e172ca8-2d1e-459b-b7f0-befe1fabe802%3Fdevice_id%3D%7Bdeviceid%7D%26message_id%3D%7Bmessageid%7D%26phone%3D%26domain%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.197.139.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-139-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 475
content-type: text/html;charset=UTF-8
date: Wed, 09 Nov 2022 21:50:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

Redirect headers

Date: Wed, 09 Nov 2022 21:50:23 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: https://innerbagepizona.com/9e172ca8-2d1e-459b-b7f0-befe1fabe802?device_id=%5B%27%7Bdeviceid%7D%27%5D&message_id=na&modem=nathan%3A+NE51201&port=None&phone=8013190042&utm_source=8013190042&domain=https%3A%2F%2Finnerbagepizona.com%2F9e172ca8-2d1e-459b-b7f0-befe1fabe802%3Fdevice_id%3D%7Bdeviceid%7D%26message_id%3D%7Bmessageid%7D%26phone%3D%26domain%3D
pragma: no-cache
x-content-type-options: nosniff

GET
H2 200 redirect
innerbagepizona.com/ 327 B
483 B 87ms
86ms Document
text/html 34.197.139.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://innerbagepizona.com/redirect?target=BASE64aHR0cHM6Ly93d3cucmc1ZHhibC5jb20vMzc5MzJRLzJHMUZLTTQvP3N1YjI9dzM1bm5jbm9ocDR2cHRiazJxZHU4NDU0&ts=1668030624231&hash=9XdhWPTepwCdWSBHyRfBH9znjdh4uHbdCOshc0IHH_4&rm=D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.197.139.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-139-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Wed, 09 Nov 2022 21:50:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2

200

Primary Request / Show response
freesamplesprousa.com/
Redirect Chain

https://www.rg5dxbl.com/37932Q/2G1FKM4/?sub2=w35nncnohp4vptbk2qdu8454
https://imtrk.go2cloud.org/aff_c?offer_id=4479&aff_id=1596&&aff_sub=49&aff_sub3=b4634db43fd540caa5af273e8b004c4e&aff_sub4=
https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={firs...

38 KB
17 KB

633ms
421ms

Document
text/html

138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

3e8ad5000204e3e35c9acc0f6a36ff81a7561e7526c356c859b69c633ddfe12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://innerbagepizona.com/redirect?target=BASE64aHR0cHM6Ly93d3cucmc1ZHhibC5jb20vMzc5MzJRLzJHMUZLTTQvP3N1YjI9dzM1bm5jbm9ocDR2cHRiazJxZHU4NDU0&ts=1668030624231&hash=9XdhWPTepwCdWSBHyRfBH9znjdh4uHbdCOshc0IHH_4&rm=D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 09 Nov 2022 21:50:25 GMT
leadgen_env: prod
leadgen_env_cookie
strict-transport-security: max-age=15724800; includeSubDomains
x-fastcgi-cache: BYPASS
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
x-skip-cache: 1
x-verls: e7a35a9a-7b4f-4179-8e6e-eae647ffeb54
x-verluc: e3068de6-7ef0-45c7-a61a-f1466b0349ed

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 699
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 09 Nov 2022 21:50:24 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102dd88c7d3cdec843dc43ef50ef51
X-Request-Id: 074dce00a3056f47a5741b7a1d7382e6
X-Robots-Tag: noindex, nofollow

GET
H2 200 index-personalized-v1.css
assets.freesamplesprousa.com/css/personalized-flow/ 7 KB
2 KB 161ms
58ms Stylesheet
text/css 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/css/personalized-flow/index-personalized-v1.css?v=1.1

Requested by

Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7dd7c136aef840ba04ecaf6932b01c186329bf842c26a4f16bb3f5be50984d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 815
etag: W/"636bc800-1a73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCk6JCoUE4Dd2W3pmQZCMPG045G4anFgx9YO2hSlR4%2FvgwM5u5FmaRLgbqEPzOkahTGhJ6u4Wj3ndo8inDcOf%2BWFfkcvrkof6f9DgmK15X%2BD9%2F715SU8qcNh8KDIQ%2FXIxNJIU4ngpI649aTneYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7679c3935a8d572b-MIA

GET
H2 200 loader.css
assets.freesamplesprousa.com/css/personalized-flow/ 1 KB
719 B 166ms
64ms Stylesheet
text/css 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/css/personalized-flow/loader.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d4d3c9e7a3b400fb9fe863ee646680ed6c34fb3ce8d7bf3422accf9ad07d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 815
etag: W/"636bc800-433"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb5KLJhksUHXibvwhvZSrVsndC3u9KTornO184xaKT9GK9eM3p28d6aDhNm0jdpnTt2YVW1FcW3s8%2BGy4AhUFPd%2B7LjuDl8EX%2BmiGF8nzggJ5%2FwcDEp6oFEgXnSzf5KWpGXWAbW6vzTsgaWqiV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7679c3935a90572b-MIA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 1108ms
91ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e8289409d2074d1390e1e7f6c31278f5e46490752445c2fd5ef222c41ce845d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 09 Nov 2022 21:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 09 Nov 2022 21:50:26 GMT

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 131ms
114ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=page-ab&eventName=imp&eventValue=FSPU-Dynamic-Flow-SPII-AutoSurvey-V5&eventData=bgymv

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 session
gls.cap-cloud.co/identify/ 70 B
2 KB 1162ms
160ms Image
image/png 2606:4700:3108::ac42:2b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gls.cap-cloud.co/identify/session?id=e7a35a9a-7b4f-4179-8e6e-eae647ffeb54

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
leadgen_env: prod
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
leadgen_env_cookie
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-skip-cache: 1
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2cW%2B7iftygDg0oXVHadfD4k0pL3JVJWq5KajUtRyUz2osNDPXdv18ypPwZGcaEfc%2FChcbReksKmi128latmLEPFzBgzKxHUouOtpBXyRthvf40ngIgfruwvS592f3AbWsd63ZxZFGSYothpOKoo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private
cf-ray: 7679c398fa5fb3cd-MIA

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 156ms
141ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=section&eventName=imp&eventValue=registration&theme=3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 162ms
147ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=page&eventName=imp&eventValue=landing&theme=3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 header-logo.svg
assets.freesamplesprousa.com/images/personalized-flow/ 27 KB
9 KB 145ms
53ms Image
image/svg+xml 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/header-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa6ec6e1f8fee3c07cd3a68986bc7b609a28c2c8767aee77d60c5c9d9143188

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 815
etag: W/"636bc800-6a05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYEzs3JdMc%2BeIZWa54ZCIVvc9LqCizyxbtUsNKS%2FGWuiaITho3APEgrZu7MbNeHVyLdR6%2FpX9KclwUHtP62goa0GQckBlEZaCyLxwqRlgwOGIw4w0tZmw8ZNHJmmeJK1hyrKCAMRpQK%2FOuArZhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7679c3935a92572b-MIA

GET
H2 200 loader.png
assets.freesamplesprousa.com/images/personalized-flow/ 2 KB
2 KB 134ms
43ms Image
image/png 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/loader.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2b913b945096309cfe5420a3d1f4c3cc724df8745121c48332f377633615dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 759
etag: "636bc800-6ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAfTMQtPOK4XIsIKR1lztIjSMjYkQ3yMDqQUL93rBrSdL2pYU%2B%2FIWspwBkmhbktV25lVALsY6uKVBGpv2IR77Sf1jrYk3kA7hGuOWe0ZZea1bZ1sHGiB78rc672Dvt4pIQ5Q0ASxLvJsCK%2F1TBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7679c3935a94572b-MIA
content-length: 1710

GET
H2 200 personaliz-img-left-arrow.png
assets.freesamplesprousa.com/images/personalized-flow/ 982 B
1 KB 136ms
45ms Image
image/png 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/personaliz-img-left-arrow.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

598f5909875c833a7cab94a642376a68139edad2b779e4459029ca95e9f502d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 815
etag: "636bc800-3d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRk1FODLARbFcuglPgCLEYL7qwPBiU3JptyQozX1JmaAcoT17RJ2MS626zcnvXDREcTDLGyqjfdy8GBcESffZFQZ%2FLANg1Q%2FkRyGFVmvsYUEjPOQY9FRw1t2%2FmBa0mbNIujooHDFpsal%2BDUilJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7679c3935a96572b-MIA
content-length: 982

GET
H2 200 personaliz-img-right-arrow.png
assets.freesamplesprousa.com/images/personalized-flow/ 964 B
1 KB 137ms
47ms Image
image/png 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/personaliz-img-right-arrow.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eba13e5751ff9f860ecbc77d39b32d38386d2e9c25c846d910f08773c8a8a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 815
etag: "636bc800-3c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7me8trzpT5cANFxjaNhc1Nqnhs2%2BLIcgRyNaudHn%2F7e8PY2mlyUONIGl3pVlXS6k%2FO4YY6nYQpqJReQQ6DXfzGoq9WyEbem9y7EHisznIfGsgpyge3uuOTuKMb8Yh5qIat3XsSBgZw5LVPGnjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7679c3935a98572b-MIA
content-length: 964

GET
H2 200 config.js Show response
freesamplesprousa.com/js/ 25 KB
11 KB 129ms
123ms Script
application/javascript 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/js/config.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

a3e76ebc6edf9bc37382cdccd038f1150386308ca1a459d2db398ee8eb9d64a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
content-type: application/javascript
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 app.js Show response
assets.freesamplesprousa.com/js/ 50 KB
13 KB 52ms
51ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/app.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d636b4d3169c12ee5aa3d9f6d554ec30f10369ec97f5acbf4e3389c331c51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=64871
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-fd67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1N8K02FOM1j6ebZCIE3ubhdq18VGF2dO4mhBmHujGcDdM0pLnrmbeR2Mg%2FUVOay%2BC8PSuyEBQXKGa1rfraN4v9wFfiWEItB%2FDsBPPfrCHu0j2LZq%2FKau%2FjXWSfv3%2B7sw3S%2F2Yj1UQv9WU4DvNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3938ada572b-MIA

GET
H2 200 lander.js Show response
assets.freesamplesprousa.com/js/ 41 KB
10 KB 60ms
59ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/lander.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f028cd739046c8cf3e16fb29cfe86dc42392c99db0fe22b025e11b961b0aac93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=55581
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-d91d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0c2EXSIk5ZJo%2FkOjou9RPn4MdNDhOCHuT2uVf0SlNcqlEEXyDr6b6xb3RsMCmwRhrhfUnAXiUq2Po1GI%2BAoDdut%2FrINT1SURrZkNslfes28G9%2F9PcqV1g3jleTZ34%2F85ZVEvg2897bOEY%2F25MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3938adc572b-MIA

GET
H2 200 register.js Show response
assets.freesamplesprousa.com/js/ 47 KB
11 KB 63ms
62ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/register.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61936439824959feabe0500ef50d77572eb786b26ba844794db358fe58294fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=62442
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-f3ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ewvsw4Z%2BBXlWjhNjOxN8fzhcQ5fEUhImacKmbMPugu9%2Bq5dk%2FDuIhRH8GjFE2Cj3GoqTzIsVj4j0ZTis0MNu3Z9ufTF1UmJvInT0jrp0cG%2BlfszqiH2xOyat662KKBl2wlJX64Wo%2BZ2fGoNxJMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3939ade572b-MIA

GET
H2 200 leadgen.js Show response
assets.freesamplesprousa.com/js/ 32 KB
10 KB 49ms
48ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/leadgen.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd717ddcad2e1e7593b1702923e056b81d5a3d8693425400ab50da7ca2acc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=42288
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-a530"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwL3lyVfgVBs731Hgbx5MclJ%2FLWQeINO9j2M%2B%2FyB8e0%2FDqS%2FjHQNhyNfbhw2PpPWVF4GD9uekpYClNeduL1uv7X3dEZ7T9XZIdC1J3TIsTFUxUBQFfcoMZtXTl%2BAbgOgrQESAEg3ilEnJ7hEn%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3939adf572b-MIA

GET
H2 200 dynamic-flowv1.js Show response
assets.freesamplesprousa.com/js/ 11 KB
3 KB 57ms
56ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/dynamic-flowv1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b09057a54e5505eaef99704ba6e73ee261251e48fc866691853e64d8284db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=13627
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-353b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MS4hz3VTEHN3Jv7Y%2Bi%2BnUUy6X1za93P9EnhY7FkHIWRl5YsiZRNLM1rdCztpfz%2B8mcTXOzM9AdoLI0tXGxjhDcaiul%2FB7pr7UdmcxEhkuN%2BP%2FncW5HSb1IcyabERmN1Pn1j0CIJvIh9P7TSn44k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3939ae0572b-MIA

GET
H2 200 dynamic-disclaimer.js Show response
assets.freesamplesprousa.com/js/ 632 B
629 B 71ms
70ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/dynamic-disclaimer.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3195073c778f99f37ea9d49ec8a9bf69386446102028d0490eea69d1e4215fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815
cf-polished: origSize=747
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-2eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hkz54gysBDCHb996pCDO%2FAWpJ%2Bzl3Thhx7RBWRdsWbQGl8MNRrPqJL%2F%2F%2BEBPts60X0CqYfbnfjNorscZLjsIOlfE767S9OFpA2MTGW95dfv2c3Xc7zFHTNpwVG%2FICNed4gHaIwLfojwe9Em4hpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c3939ae1572b-MIA

GET
H2 200 bc6ace80-34c7-a8cb-7454-af2222f5f507.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 178ms
62ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/bc6ace80-34c7-a8cb-7454-af2222f5f507.js?snippet_version=2
Requested by: Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/app.js?ver=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa873c71c9ce2336b3269255289ebe101e2a3d58dac78d0208bf277f185bbc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
x-amz-version-id: NsXYKIV3OiWuMKQBI5MgMaOF6lzDhMnA
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 10:10:00 GMT
server: cloudflare
x-amz-request-id: 5N7FY6HDP1A1HFRG
age: 1769
etag: W/"826a59aa11f2630ab71b540536b50960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7679c39a7d4edb11-MIA
x-amz-id-2: F8Aj0up1Qd7pY5Egj3I1dQroH8+xgVgX9Y0lwzf7ZROYbYKFAxeGvCK7g9iz0eZhpEFLfwLeCEo=

GET
H2 200 anura.js Show response
assets.freesamplesprousa.com/js/ 3 KB
1 KB 58ms
56ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/anura.js

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/lander.js?ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92dc0fa646e3f748d1bed0adf2b1ecebc85555915159ee800c0d436376a4898b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 816
cf-polished: origSize=3850
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-f0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsLAAmt56Xm5mCY43ARlyv0ePYC2NR80MIhEDz%2F9V9CW7kDjcFLgiHRaDRkkkFaHpuPpNiZSfDIJ9M%2FQML37Gy5ZN5Zd5EgjHrb7DeDfzsBJ5l1putxxf448F3jX%2BrIJhjrAOU3iqJuoLf%2Fw97A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c399ca03572b-MIA

GET
H2 200 pushnami.js Show response
freesamplesprousa.com/js/ 2 KB
2 KB 124ms
122ms Script
application/javascript 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/js/pushnami.js

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/lander.js?ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

6083de45adc6d17a0ee9f98a6eaa13a7b38c28ac2b655eb6f53ace90b1e1ebd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
content-type: application/javascript
x-fastcgi-cache: BYPASS
cache-control: max-age=18000, private

GET
H2 200 md5-converter.js Show response
assets.freesamplesprousa.com/js/ 5 KB
2 KB 53ms
52ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/md5-converter.js

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/lander.js?ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baf197803e3359a094afc2a346fd4fa2c8ce55cc4656bf084f8f147f2c361423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923
cf-polished: origSize=7671
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-1df7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PpKuFrmTTBEwBNAdAKbM3B1TSXszPGFb5atoMLgp2AbuL%2BXNTNGCWFlHidWuTzDhShdp8OW2Jhss%2B9l97at900qOenmP60d%2BSiCYnkAoy5lmp4tkXzlAdR0xkV0Y%2BYFoqer64OAYLtUlXqPACg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c399ca04572b-MIA

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
641 B 239ms
79ms Image
image/gif 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=262f10e5-92f1-5de1-e89d-f5f47859f22e&lck=262f10e5-feed-beef-cafe-f5f47859f22e&snippet_version=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:27 GMT
content-encoding: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 09 Nov 2022 21:50:27 GMT
server: nginx
etag: 4372499C-8968-4C10-867F-40D2C717FE5F
access-control-max-age: 1728000
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 chickfila.png
assets.freesamplesprousa.com/images/dynamic-flow/ 1 MB
1 MB 54ms
53ms Image
image/png 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/dynamic-flow/chickfila.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029571f31749d3ede6b30341688582e50da8109744ed0ec5ecabe4b9180a3067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159
etag: "636bc800-17a674"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuHJGEgA202B4PT6os0DFCXoLP4P4Cn2MgX9ICZfr5FgWSfrUT0rP9QurwbBCcXqSMihPOUdfgj3I%2B8wfmkYT3ExsK4RAATcZath1UWKO7LcQ2cLifoYjS2C4TZdqZ9%2BeOrAd7e4QX08GNPznso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7679c399da10572b-MIA
content-length: 1549940

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 137ms
136ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=block&isBase64=1&eventData=eyJldmVudCI6IkR5bmFtaWNEZXRhaWxzIiwicGFnZXR5cGUiOiJsYW5kZXIiLCJ0dmFsdWUiOiJjaGlja2ZpbGEiLCJpc0NhY2hlZFJlc3BvbnNlIjp0cnVlLCJ0VmFsdWVFeGlzdCI6dHJ1ZSwidFZhbHVlUGFyYW0iOiJ0NyIsImVsdGltZSI6NX0%3D&eventType=block&eventName=imp&eventValue=dynamicdetails&eventPage=&r=88663

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 index-desktop-top-bg.svg
assets.freesamplesprousa.com/images/personalized-flow/ 1 KB
988 B 122ms
122ms Image
image/svg+xml 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/index-desktop-top-bg.svg

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/css/personalized-flow/index-personalized-v1.css?v=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8348a9bd4cbd2e6a4eea21296f9ebc2847a2a87338e979611e4592364c9124a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.freesamplesprousa.com/css/personalized-flow/index-personalized-v1.css?v=1.1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636bc800-5ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9qE5qriM0GGaEFGrCK35%2BZbQqR0sS6L0YNpWEA18jQZL5V1bifGI4Fh62QvldDOq21dP6B0xGaU9Yp1WaJ2%2BrmIRz3sW%2BIQpEVFHHC1K87D9EbuLwcjrMJEIfkuwh0Bv3xN09DgsHvbjEK4tzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7679c399da14572b-MIA

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a239303367d268dcb0e6807ca58e7dd8d99a2cfb44bc2628587ddc0d3f9ad646

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 414ms
239ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesprousa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 19:32:23 GMT
x-content-type-options: nosniff
age: 8284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:32:23 GMT

GET
H2 200 arrow-w.svg
assets.freesamplesprousa.com/images/personalized-flow/ 2 KB
1 KB 74ms
73ms Image
image/svg+xml 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.freesamplesprousa.com/images/personalized-flow/arrow-w.svg

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/css/personalized-flow/index-personalized-v1.css?v=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f84015f630229930c0f9dae6f8bb332f7d00bbd1e51051cc4013d8c5d0cf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.freesamplesprousa.com/css/personalized-flow/index-personalized-v1.css?v=1.1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 816
etag: W/"636bc800-92b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKCAUuGzdG7ZNiXl51e8gtRg%2Bpd5EsQZhBewA2WYKSizjbEIzEBVV%2FnsjcZnLv9cpkVUFJaNSoHrQ3mAMW30f0u5qYOBgAEyPrDJ%2FZcTPETkJCH1D%2FuOGgmdppUIAzyaaVi1%2FLZD1GXKsriKRPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7679c399fa34572b-MIA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 428ms
257ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesprousa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 19:31:58 GMT
x-content-type-options: nosniff
age: 8309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:31:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 442ms
272ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c095079d4a8e339b58e50c7dd7e2c205604265ce6ed653d5af15110e774c2d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesprousa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 19:32:23 GMT
x-content-type-options: nosniff
age: 8284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10992
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:32:23 GMT

GET
H2 200 blacklist.js Show response
assets.freesamplesprousa.com/js/ 1 KB
668 B 58ms
55ms Script
application/javascript 104.26.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.freesamplesprousa.com/js/blacklist.js

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/app.js?ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a8671a5f897d1593aa709ddc246723cf20cc7a863cfb02020f55edca6a2e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 816
cf-polished: origSize=1532
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 15:32:18 GMT
server: cloudflare
etag: W/"636bc802-5fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Dgu3B1mr%2FICkWHzZNXiRXyfqWA6N4njk6aSIGBvFLHGTD3QYSXGXQ0%2BDky08UnslYsOER76RgUPU6WOFAdm93ImKbA%2FSbKPvAVo0jvgjOdoYWVA4thNtYlykWZK1p%2BboDrvekAlimZ6F%2Buml08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7679c39a1a57572b-MIA

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 386ms
206ms Script
application/javascript 100.24.222.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3508576879&source=null&campaign=bgymv&exid=e7a35a9a-7b4f-4179-8e6e-eae647ffeb54&callback=anuraCallback&93934245496

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/anura.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-222-39.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7bf5c26cb3863817a15d7967e2ca81dc6afe5aa2783fdccd7cce7f6934a701f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 pushnami-proxy.js Show response
freesamplesprousa.com/js/ 95 KB
24 KB 155ms
151ms Script
application/javascript 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/js/pushnami-proxy.js?uid=e7a35a9a-7b4f-4179-8e6e-eae647ffeb54

Requested by

Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/js/pushnami.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

0995bb4eb4a00129985c1369b357adeb08fa4ff802bdd4c0effd22680e6ae32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:27 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
content-type: application/javascript
x-fastcgi-cache: BYPASS
cache-control: max-age=18000, private

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
658 B 268ms
120ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=3db5cdc5-e661-408c-b304-777005380fff&_=728416354

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c8ee8cfedeb75422bf154482ed5f7f717854cd1b9401c788fff0067b7eee7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 378ms
84ms XHR
application/javascript 108.139.29.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?675653596128
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 07:42:06 GMT
content-encoding: gzip
via: 1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P2
age: 50902
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: UCZtErUhg2YvIOfvgEidqWGw-2QEvyGqxDUYx_0GZyJ3A8gC4IYUhg==

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame FB7F 3 KB
2 KB 268ms
75ms Document
text/html 18.164.115.171

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/bc6ace80-34c7-a8cb-7454-af2222f5f507.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.164.115.171 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

Age: 37809
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 09 Nov 2022 11:20:19 GMT
ETag: W/"63472048-dbb"
Last-Modified: Wed, 12 Oct 2022 20:15:04 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JuwCyjtrpwbFT2Mbgo-hdx1prPUwcWhFrju5Pk3QMo9_UxzD21z28w==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
620 B 84ms
83ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416355

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
620 B 75ms
75ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416356

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 47 B
401 B 313ms
142ms XHR
application/json 100.24.222.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-222-39.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f0debd8959e7e1d686deac03f5175a6f409cde08edefecb3088762ee0a5d1fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 16EF 4 KB
2 KB 471ms
77ms Document
text/html 52.73.153.179

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.153.179 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Wed, 09 Nov 2022 21:50:28 GMT
etag: W/"632c7ff9-1049"
expires: Thu, 10 Nov 2022 21:50:28 GMT
last-modified: Thu, 22 Sep 2022 15:32:09 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 result.json Show response
script.anura.io/ 41 B
398 B 99ms
99ms XHR
application/json 100.24.222.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-222-39.compute-1.amazonaws.com

Software

nginx /

Resource Hash

97d0a814e3f1a2a5a21a75ad6be71c956ee5ede400d425f74dde9de37cbd692e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 update-anura-response Show response
freesamplesprousa.com/api/survey/ 27 B
514 B 129ms
127ms Fetch
application/json 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/api/survey/update-anura-response

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

7bbde71e5f3d9e7fbcaccebabcd5064f0de17fd4cb5a3a79dee5db1278d6ac91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
X-VERLS: null
X-VERGL: null
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json
Accept: application/json
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
X-VERLUC: e7a35a9a-7b4f-4179-8e6e-eae647ffeb54

Response headers

date: Wed, 09 Nov 2022 21:50:28 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
x-ratelimit-remaining: 255
content-type: application/json
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 256
vary: Origin

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 175ms
174ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=page&isBase64=1&eventData=eyJyZXN1bHQiOiJiYWQiLCJtb2JpbGUiOjEsImFkYmxvY2tlciI6MCwiZXZlbnQiOiJBbnVyYVNwYW1DaGVjayIsImVsdGltZSI6MX0%3D&eventType=page&eventName=anura&eventValue=spamcheck&eventPage=&r=26248

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:28 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 16EF 0
624 B 94ms
91ms Script
text/javascript 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&methods=48&token=A68D1480-0EB9-3092-984E-262FCF530B67&uuid=aef44dbe538849eabd70a0e69b90ebdc

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=A68D1480-0EB9-3092-984E-262FCF530B67&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BC6ACE80-34C7-A8CB-7454-AF2222F5F507&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 276ms
58ms Script
application/javascript 151.101.2.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Wed, 09 Nov 2022 21:50:29 GMT
x-amz-request-id: 1T9DWF219AKZKEGR
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: xtM1jdGUUZYLEF+6v31bFq645UPvT0OWAFmr0OiCU1Mag3WdIdUuIIMll5SQd4zQsXEJy7RL0vo=
x-served-by: cache-mia11341-MIA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1668030629.394468,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3506

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
85 KB 391ms
86ms Script
application/javascript 2607:f8b0:4006:817::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3W95G6

Requested by

Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/app.js?ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4527df24656ee796539749fa6f397df3ce9e1419a4311a42ca5776b002817b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86083
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 21:16:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Nov 2022 21:50:29 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlgnvwe-a.akamaihd.net/javascripts/ 99 KB
33 KB 467ms
109ms Script
text/javascript 2600:141b:5000::17df:9d92

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24
Requested by: Host: assets.freesamplesprousa.com
URL: https://assets.freesamplesprousa.com/js/lander.js?ver=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:5000::17df:9d92 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 3611b19e3106c21491763fdedaa1614792d6bc2e73a0f5dbf9730a9a66772642

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 09 Nov 2022 21:50:29 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 33176
Expires: Wed, 09 Nov 2022 21:55:29 GMT

POST
H2 200 campaign-initiate Show response
freesamplesprousa.com/api/survey/ 1 KB
1 KB 187ms
126ms Fetch
application/json 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesprousa.com/api/survey/campaign-initiate?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}&uid=e7a35a9a-7b4f-4179-8e6e-eae647ffeb54&leadgenuid=e3068de6-7ef0-45c7-a61a-f1466b0349ed

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

1489aff3fdd2f7a0813c29433dec88865ac115d8d37c6397fd40042b75338d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
X-VERLS: null
X-VERGL: null
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json
Accept: application/json
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
X-VERLUC: e7a35a9a-7b4f-4179-8e6e-eae647ffeb54

Response headers

date: Wed, 09 Nov 2022 21:50:29 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
x-ratelimit-remaining: 255
content-type: application/json
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 256
vary: Origin

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 7C69 2 KB
1 KB 298ms
67ms Document
text/html 18.164.124.11

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/js/pushnami-proxy.js?uid=e7a35a9a-7b4f-4179-8e6e-eae647ffeb54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.11 -, , ASN (),

Reverse DNS

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://freesamplesprousa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 451
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 09 Nov 2022 21:42:58 GMT
vary: accept-encoding
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
x-amz-cf-id: xBE6e1fEifpRgT5IhDUzOJjMKfzML-OUDsnM8cLizea0NFKpcBzG8Q==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
620 B 288ms
177ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416357

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK NRJS-2598d96435bb8be4aff Show response
bam.nr-data.net/1/ 49 B
522 B 294ms
156ms Script
text/javascript 162.247.241.14

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-2598d96435bb8be4aff?a=1553084189&v=1216.487a282&to=blZaYUUHXUdVVUdbW1cceVZDD1xaG3dDQmhxR0xFayVcWkBEXF5YXEFLaWcHVFF3WV1GRlZfVFBFJlRRQHpSXFBcQWhUUAM%3D&rst=5129&ck=0&ref=https://freesamplesprousa.com/&ap=313&be=1233&fe=4658&dc=2420&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1668030624449,%22n%22:0,%22f%22:567,%22dn%22:568,%22dne%22:577,%22c%22:577,%22s%22:667,%22ce%22:780,%22rq%22:780,%22rp%22:1201,%22rpe%22:1236,%22dl%22:1207,%22di%22:2419,%22ds%22:2420,%22de%22:2423,%22dc%22:4657,%22l%22:4657,%22le%22:4755%7D,%22navigation%22:%7B%7D%7D&fp=2431&fcp=2431&at=QhFZFw0dTkk%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 09 Nov 2022 21:50:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7679c3ac0c9c8dde-MIA

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
620 B 99ms
96ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416358

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
227 B 112ms
111ms Fetch
text/html 44.193.168.200

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.168.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
key: 613b6621eeed1b0010adbfa5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://freesamplesprousa.com
date: Wed, 09 Nov 2022 21:50:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 308ms
94ms Preflight
application/json 44.193.168.200

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.168.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://freesamplesprousa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://freesamplesprousa.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 09 Nov 2022 21:50:29 GMT
vary: accept-encoding

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlgnvwe-a.akamaihd.net/javascripts/ Frame 95C9 12 KB
4 KB 124ms
124ms Document
text/html 2600:141b:5000::17df:9d92

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Requested by: Host: pxlgnvwe-a.akamaihd.net
URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:5000::17df:9d92 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://freesamplesprousa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Nov 2022 21:50:29 GMT
Expires: Wed, 09 Nov 2022 21:55:29 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.gnvwe.com/ 7 B
366 B 486ms
64ms Ping
text/html 34.111.96.116

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/ptmdP
Requested by: Host: pxlgnvwe-a.akamaihd.net
URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 cenw.js Show response
dts.gnvwe.com/ 36 B
355 B 472ms
60ms XHR
text/html 34.111.96.116

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/cenw.js?identifier=bafp
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 1db37dad59b5cb26c308e228ab45fc073861d3c93714976a5fa7ebf32f35a1cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
via: 1.1 google
etag: W/"24-P0eTM8khOoe8zRsJWkVc5A"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

GET
H2 200 ptmdDual
dts6.gnvwe.com/ 70 B
335 B 512ms
81ms Image
image/gif 2600:1901:0:cba2::

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.gnvwe.com/ptmdDual?t=%7B%22gh%22%3A%221668030629745244188679491%22%2C%22za%22%3A1%2C%22gcd%22%3A1668030629786%2C%22al%22%3A24%2C%22bcnd%22%3A1%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:cba2:: -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
via: 1.1 google
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 check
fpc.pushnami.com/psfp/063da941-24fa-4895-8ea9-b9e86be133df/ 0
0 494ms
77ms Fetch 67.202.7.197

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.pushnami.com/psfp/063da941-24fa-4895-8ea9-b9e86be133df/check?websiteId=613b6621eeed1b0010adbfa4
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.7.197 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Wed, 09 Nov 2022 21:50:30 GMT
content-length: 0
vary: Origin
x-request-id: zwQ0ANBNtdiz0OpfOeWeJ6Se3mt4jQ0f

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
42 KB 385ms
116ms Script
application/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-N8Z2X3Q

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3W95G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca47d48406d11cf043cee7446bad43bdc0f82875f117e67512c873bf044a504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42917
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 21:16:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Nov 2022 21:50:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 365ms
106ms Script
text/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3W95G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 19:53:39 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7011
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 09 Nov 2022 21:53:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 134ms
133ms Script
application/javascript 2607:f8b0:4006:817::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LB10YKRKFK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3W95G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

131b0c2410614504c165a51458c9c39f45f55228dd648f14cb4d8996b71f0540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Nov 2022 21:50:30 GMT

GET
H2 200 cenw.js Show response
dts.gnvwe.com/ Frame 95C9 36 B
125 B 52ms
51ms XHR
text/html 34.111.96.116

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/cenw.js
Requested by: Host: pxlgnvwe-a.akamaihd.net
URL: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: da8b7b3968cb8e8712a38c372213c90c05939e98e92ed602fe3e5f80d7751b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pxlgnvwe-a.akamaihd.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
via: 1.1 google
etag: W/"24-4B0i4nWmXTWkQmriJ6Pt8g"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

GET
H2 200 ptmd
dts.gnvwe.com/ 70 B
140 B 62ms
48ms Image
image/gif 34.111.96.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.gnvwe.com/ptmd?t=1668030629745244188679491_N4IgtgniBcDasEYA0AGJCBsK0BYcHYkMAOAVgF1ykQB3ARxlivAgCdHmA7AQ0ZwCYAnDkEZ8-DDnQBmHCmL4U0wUlLTsxHMXVduAZxhDqAS25hGKZqYPRi1AB4AzGCBQZHCAMZCAJgCN+b3xSYn4AUz9pP2IUHA9+UgxpfkUQEwA3GBQAOlJqPQAXbgKAVxtYPCQjdXRBZgAvXmhkEAAHAHMXTOp2gAsXTBIlNyF8HFJ+PARiYjFhQQQ0kHSbEAxsnNIEHCXuABtDKRBHTxgAWhawguMBjCH1DCElws7oNBA9AGtb+5HBAH0EIJSChBCh8MFpEswsZWi5+NgENBSCDmj4UKRmtBoPglukwuxoG1WAB7HzQkpNFolG5vahhdIHODMVorDj5PaFH4xB6jfjEJZ7ZzNaieMoFf7GclEvztCBgbrLYyS6UgML4bjSUjcQTcM74PxxM44BD4QRnYhhDBhM5hbhWgiORwRUg7HqnZp3HludTKQggOhhGAtRy0-gAXyAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 140ms
132ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=pushnami&eventType=pushnami&eventName=notification&eventValue=permissions-initializing&eventPage=&r=57992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 102ms
102ms Fetch
text/html 107.20.156.243

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: freesamplesprousa.com
URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.156.243 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
key: 613b6621eeed1b0010adbfa5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 09 Nov 2022 21:50:30 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 161ms
160ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=pushnami&eventType=pushnami&eventName=notification&eventValue=permissions-prompt-prompt&eventPage=&r=76581

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:30 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

POST
H2 204 collect
analytics.google.com/g/ 0
351 B 316ms
99ms Ping
text/plain 2001:4860:4802:32::181

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LB10YKRKFK&gtm=2oeb70&_p=1915941123&_gaz=1&cid=294467105.1668030631&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668030630&sct=1&seg=0&dl=https%3A%2F%2Ffreesamplesprousa.com%2F%3Fcid%3Dbgymv%26t1%3D49%26t2%3D%26t3%3Db4634db43fd540caa5af273e8b004c4e%26t4%3D%26t5%3D%26t6%3D%7Baff_sub6%7D%26t7%3Dchickfila%26transaction_id%3D102dd88c7d3cdec843dc43ef50ef51%26email%3D%7Bemail%7D%26userFname%3D%7Bfirst_name%7D%26last%3D%7Blast_name%7D%26userAddress%3D%7Baddress%7D%26cityName%3D%7BcityName%7D%26stateName%3D%7Bstate%7D%26stateCode%3D%7Bstate_code%7D%26zipcode%3D%7Bzip%7D%26countryName%3D%7Bcountry%7D%26mobile%3D%7Bphone%7D%26dobdate%3D%7Bdobdate%7D%26dobmonth%3D%7Bdobmonth%7D%26dobyear%3D%7Bdobyear%7D%26gender%3D%7Bgender%7D&dt=FREE%20SAMPLE%20PRO%20USA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LB10YKRKFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 249ms
94ms Ping
text/plain 2607:f8b0:4004:c1b::9d

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LB10YKRKFK&cid=294467105.1668030631&gtm=2oeb70&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LB10YKRKFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 345ms
126ms XHR
text/plain 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1915941123&t=pageview&_s=1&dl=https%3A%2F%2Ffreesamplesprousa.com%2F%3Fcid%3Dbgymv%26t1%3D49%26t2%3D%26t3%3Db4634db43fd540caa5af273e8b004c4e%26t4%3D%26t5%3D%26t6%3D%7Baff_sub6%7D%26t7%3Dchickfila%26transaction_id%3D102dd88c7d3cdec843dc43ef50ef51%26email%3D%7Bemail%7D%26userFname%3D%7Bfirst_name%7D%26last%3D%7Blast_name%7D%26userAddress%3D%7Baddress%7D%26cityName%3D%7BcityName%7D%26stateName%3D%7Bstate%7D%26stateCode%3D%7Bstate_code%7D%26zipcode%3D%7Bzip%7D%26countryName%3D%7Bcountry%7D%26mobile%3D%7Bphone%7D%26dobdate%3D%7Bdobdate%7D%26dobmonth%3D%7Bdobmonth%7D%26dobyear%3D%7Bdobyear%7D%26gender%3D%7Bgender%7D&ul=en-us&de=UTF-8&dt=FREE%20SAMPLE%20PRO%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1885118099&gjid=760179943&cid=294467105.1668030631&tid=UA-163306531-1&_gid=548911577.1668030631&_r=1&gtm=2wgb70P3W95G6&z=612924938

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 345ms
86ms Preflight 107.20.156.243

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.156.243 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://freesamplesprousa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 09 Nov 2022 21:50:30 GMT

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 142ms
140ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=pushnami&eventType=pushnami&eventName=notification&eventValue=permissions-blocked-ignored&eventPage=&r=41508

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:31 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

GET
H2 200 image.png
freesamplesprousa.com/event/ 70 B
1 KB 151ms
150ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesprousa.com/event/image.png?eventType=block&isBase64=1&eventData=eyJldmVudCI6InB1c2hPdmVybGF5UHJvbXB0Q29sbGFwc2VkIiwicHVzaHN0YXR1cyI6InBlcm1pc3Npb25zLWJsb2NrZWQtaWdub3JlZCIsImVsdGltZSI6NDE3NX0%3D&eventType=block&eventName=com&eventValue=pushoverlayprompt&eventPage=&r=14909

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.33

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender}
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:31 GMT
leadgen_env: prod
x-skip-cache: 1
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List
x-powered-by: PHP/7.4.33
leadgen_env_cookie: never
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 312ms
104ms XHR
text/plain 2607:f8b0:4004:c1b::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-163306531-1&cid=294467105.1668030631&jid=1885118099&gjid=760179943&_gid=548911577.1668030631&_u=aADAAEAAQAAAACAAI~&z=253427364

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 21:50:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesprousa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 309ms
110ms Image
image/gif 2607:f8b0:4006:81f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-163306531-1&cid=294467105.1668030631&jid=1885118099&_u=aADAAEAAQAAAACAAI~&z=1646131840

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptmd
dts.gnvwe.com/ 70 B
132 B 75ms
74ms Image
image/gif 34.111.96.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.gnvwe.com/ptmd?t=1668030629745244188679491_N4Ig1ghiBcIBwHYBsBOARgMwwBgLROwTlwEYSBTAE1xSQCZqIBWShBcgYwyYwSZAA04NDBJCOANxghgAHRAAbAPYcICgPoBnAC5KAThADm5edHmJUmHPkLEyVGvUYs2nbrybyB8zeU2aASyUAOy1dA2NTc2R0LDwCIlIKaloGXGZWdi4ePi95DiUlMADydUoIbQgo+BireNskh1TnTLcczxAAX0EQQ20MGABtbAERsTFsAF0hPs0hkYXR0emQHTnoQbol8YBmZaFObQBbaRQ6HZ7yAA9pbB7NAukSJCQ4bB3sehR1EhQmbBQhD4FyEDyUA2gYlWBW0Txebw+Xx+fwBQKYO3UTFUSAALKxsBhKCg4JQSAgMDsIC8mFRyOSMCQINgAfcYRCoWDtJQ4a93p86N9fv9AWx0eoOLicRwcTiSBwATi4AR0ZQOLRyL8STtKDKdihWUoueyDpBpIgEJQ0JQ6PVEvYUuQIHR0uxUBAUAgqUh+CaRJDxBJ1jJ5MpVBodPojCYYNELVabTY7ckaI7nRBXSh3Z7qXlVn5AiEwpHIjGanHrba7MmUKmXeQ3R6vR1vCACkUSmUKlVS+bLRXE1WmrX0-XM42c11LmohitHQAHIYgHZwAB0JB2dDXJFXfBAKwwUA2Oz4cBItiYSAEZ7gS0Wd9vD-vUyEB-Wl5AAAsP0MmAgBEw4H3Y0QAAVxAmA4A9F8pFgHoAhgrZVkqbQQPWQYUAEc4rxvOgmCvFAVgAL0PKE50MaQpBmb9YGeXlEQFBAcSYOgZW3JUEBQHEUBIHpA2kJAV2wFcmBIHEemnaAWJfDgYFIA5tACHkEX5fVQW0cjoBGVYwCUvkkSFVFRRBEByACBdYBtbASGgJh-khShsCYSFoGgBBePIPRpDnPQlG5A4QJIoQQMUzSDgkBQZyEOc+I2EBsAAAhtPh4p4lZNAUHRdPoj06DgHoFGAjhUO0dQAm5WA0EMABPI5KJACQAlK8qTM9HYmHdCBcAQNAcQwXBZQ43A4HrchcEdescXpcg0CYMSZhkyF4T0nZtxxd8AEdyFEF8Qp2TogA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freesamplesprousa.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 09 Nov 2022 21:50:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 278ms
209ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416359

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 253ms
76ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=3db5cdc5-e661-408c-b304-777005380fff&token=A68D1480-0EB9-3092-984E-262FCF530B67&_=728416360

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesprousa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 21:50:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.innerbagepizona.com/	1970-01-20 07:21:57	Name: 9e172ca8-2d1e-459b-b7f0-befe1fabe802-v4 Value: t9VeqgpW0sQ_q9W81mcihmvN-4mu4Ec5O9kJEvBpvQM
.innerbagepizona.com/	1970-01-20 16:06:06	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w35nncnohp4vptbk2qdu8454%22%2C%22caid%22%3A%229e172ca8-2d1e-459b-b7f0-befe1fabe802%22%7D
www.rg5dxbl.com/	1970-01-20 07:21:57	Name: uniqueClick_2G1FKM4 Value: 071dd6c6-c72d-495f-a3b7-2c9c9019424b:1668030624
www.rg5dxbl.com/	1970-01-20 09:30:06	Name: transaction_id Value: b4634db43fd540caa5af273e8b004c4e
imtrk.go2cloud.org/	1970-01-20 08:03:42	Name: enc_aff_session_4479 Value: ENC03911bf73c78837bdc8bf36dc1de1bafd830355eb9e23e80f38e61da80c8d3dd395d33f386f5afd0f21c6c41c9a076566573473877cf2869564fa40374c96693f7f7bf04a23bc5b7aaf923aaac5379b2297e98424536dfb7296119f4f7e8a94a14374f1e85a49797a7c09e9eae9b2146827c84a05aa88b3c871e0ccf531c1605dc70d58c45ec3ccc6a770fb44f925cd5764355d7aa9f9ef47b048fb94d77f0d7920dc2d785
imtrk.go2cloud.org/	1970-01-20 16:56:30	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiaU9TIiwibW9iaWxlX29zX3ZlcnNpb24iOiIxNC43IiwibW9iaWxlX2RldmljZV9tb2RlbCI6ImlQaG9uZSIsIm1vYmlsZV9kZXZpY2VfYnJhbmQiOiJBcHBsZSIsIm1vYmlsZV9icm93c2VyIjoiU2FmYXJpIiwibW9iaWxlX2Jyb3dzZXJfdmVyc2lvbiI6IjE0LjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKGlQaG9uZTsgQ1BVIElQaG9uZSBPUyAxNF83XzEgTGlrZSBNYWMgT1MgWCkgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBMaWtlIEdlY2tvKSBWZXJzaW9uLzE0LjEuMiBNb2JpbGUvMTVFMTQ4IFNhZmFyaS82MDQuMSIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.freesamplesprousa.com/	1970-01-20 16:06:06	Name: leadgenuid Value: e3068de6-7ef0-45c7-a61a-f1466b0349ed
.freesamplesprousa.com/	1970-01-20 16:06:06	Name: usercookie Value: e7a35a9a-7b4f-4179-8e6e-eae647ffeb54
.freesamplesprousa.com/	1970-01-20 16:06:06	Name: leadgennewcookie Value: eyJpdiI6InlsQnBhMVQxUG1STzZ3VUdhNXFxOEE9PSIsInZhbHVlIjoiMXhpbmxYT09sSm0wTUpCS0xXN1FyT1Mxa3hiMHZ3SElIeVo1aWdPMjJjNzlZUW9oaTFqN0pUNUxHL1JwZmZLVCIsIm1hYyI6IjMwYjgwOGFmYTJjZWY3ZDI3MzI4ZjRlY2M4NWE0Y2Q4Y2NlZjkyNDUwNzA4OTMyN2VkOTJkMjBlNDA5NmM0ZDMifQ%3D%3D
freesamplesprousa.com/	1970-01-20 07:22:54	Name: nginxcanarycookie Value: never
freesamplesprousa.com/	1970-01-20 07:22:54	Name: nginxlastcid Value: bgymv
.gls.cap-cloud.co/	1970-01-20 16:06:06	Name: globalid Value: 8a0060fe-d3c1-450f-8583-2a906a391bd5
freesamplesprousa.com/	1970-01-20 07:20:37	Name: XSRF-TOKEN Value: eyJpdiI6IjF3cmpabDFiNnlYNzNTdWl1UjZ5N1E9PSIsInZhbHVlIjoiNXFpNkFOblVxWUVpT0NxejFtWks4cnJXSFlYSGwwY3NFUGQ1cnhlY3c5bkRRMEJsbmlDdStNdFpxbUlkNXlhUi9SUjZsRG9Gd0Mxc1V6OGNFbkdmeVAxTFkyVlU0aVFWRjdLUllaamo5L3pJeWI1cTdOa1pGclI0TWRvcjYwYmEiLCJtYWMiOiI5ZDA2MTY1ZGVmNTBhYTk2ZTI5MGU2ZjI5OTA5YmQxOGExNzgyZDEyMDNjODQyNDU0ZGEzZjI5Y2MzM2ExNDZjIn0%3D
freesamplesprousa.com/	1970-01-20 07:20:37	Name: leadgen_session Value: eyJpdiI6InZRaDhaSFBrTXB2YU5heUFSUjVWRnc9PSIsInZhbHVlIjoiRmt4WkxFY1kxMElPT3VoYS9WQkw2dk5aZkxKVng5bTJ0cVhpL2xaL0lxaDJsbkNORllFRUR2ZURpT2hucWFGUFBtbXhxeSt4RGc0ODZmVDA2aWtpbEdOcy9tUDZrUXZBaUY4dzhHUWw3WlpBUGRQK2k2c1V2UkxYakdJNm92QWkiLCJtYWMiOiJkMTgyN2M0OGFmOGJiOTBkN2MxMTA0OGViNDlhMTgxYTRjNzQ1ZWVjOWIyODE1NDUzMjQ2MjY0MDNjZTRhMzI5In0%3D
freesamplesprousa.com/	1969-12-31 23:59:59	Name: leadid_token-262F10E5-92F1-5DE1-E89D-F5F47859F22E-BC6ACE80-34C7-A8CB-7454-AF2222F5F507 Value: A68D1480-0EB9-3092-984E-262FCF530B67

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	error	URL: https://freesamplesprousa.com/?cid=bgymv&t1=49&t2=&t3=b4634db43fd540caa5af273e8b004c4e&t4=&t5=&t6={aff_sub6}&t7=chickfila&transaction_id=102dd88c7d3cdec843dc43ef50ef51&email={email}&userFname={first_name}&last={last_name}&userAddress={address}&cityName={cityName}&stateName={state}&stateCode={state_code}&zipcode={zip}&countryName={country}&mobile={phone}&dobdate={dobdate}&dobmonth={dobmonth}&dobyear={dobyear}&gender={gender} Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
analytics.google.com
api.pushnami.com
assets.freesamplesprousa.com
bam.nr-data.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
dts.gnvwe.com
dts6.gnvwe.com
f0undlth3r3.link
fonts.googleapis.com
fonts.gstatic.com
fpc.pushnami.com
freesamplesprousa.com
gls.cap-cloud.co
imtrk.go2cloud.org
innerbagepizona.com
js-agent.newrelic.com
psp.pushnami.com
pxlgnvwe-a.akamaihd.net
script.anura.io
stats.g.doubleclick.net
trc.pushnami.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.rg5dxbl.com
100.24.222.39
104.26.0.125
107.20.156.243
108.139.29.79
138.197.231.234
151.101.2.137
162.247.241.14
18.164.115.171
18.164.124.11
2001:4860:4802:32::181
2600:141b:5000::17df:9d92
2600:1901:0:cba2::
2606:4700:10::6816:27b6
2606:4700:3108::ac42:2b54
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2008
2607:f8b0:4006:81f::2004
2607:f8b0:4006:824::200e
34.111.96.116
34.120.91.40
34.197.139.22
34.198.147.111
44.193.168.200
52.21.33.16
52.22.23.67
52.73.153.179
67.202.7.197
029571f31749d3ede6b30341688582e50da8109744ed0ec5ecabe4b9180a3067
0995bb4eb4a00129985c1369b357adeb08fa4ff802bdd4c0effd22680e6ae32b
0e8289409d2074d1390e1e7f6c31278f5e46490752445c2fd5ef222c41ce845d
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
131b0c2410614504c165a51458c9c39f45f55228dd648f14cb4d8996b71f0540
1489aff3fdd2f7a0813c29433dec88865ac115d8d37c6397fd40042b75338d11
1d2b913b945096309cfe5420a3d1f4c3cc724df8745121c48332f377633615dc
1d7dd7c136aef840ba04ecaf6932b01c186329bf842c26a4f16bb3f5be50984d
1db37dad59b5cb26c308e228ab45fc073861d3c93714976a5fa7ebf32f35a1cd
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
29f84015f630229930c0f9dae6f8bb332f7d00bbd1e51051cc4013d8c5d0cf42
3195073c778f99f37ea9d49ec8a9bf69386446102028d0490eea69d1e4215fbe
3611b19e3106c21491763fdedaa1614792d6bc2e73a0f5dbf9730a9a66772642
3e8ad5000204e3e35c9acc0f6a36ff81a7561e7526c356c859b69c633ddfe12d
43a8671a5f897d1593aa709ddc246723cf20cc7a863cfb02020f55edca6a2e9a
4527df24656ee796539749fa6f397df3ce9e1419a4311a42ca5776b002817b0f
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
598f5909875c833a7cab94a642376a68139edad2b779e4459029ca95e9f502d4
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6083de45adc6d17a0ee9f98a6eaa13a7b38c28ac2b655eb6f53ace90b1e1ebd5
61936439824959feabe0500ef50d77572eb786b26ba844794db358fe58294fd4
6aa873c71c9ce2336b3269255289ebe101e2a3d58dac78d0208bf277f185bbc5
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7b09057a54e5505eaef99704ba6e73ee261251e48fc866691853e64d8284db77
7bbde71e5f3d9e7fbcaccebabcd5064f0de17fd4cb5a3a79dee5db1278d6ac91
7bf5c26cb3863817a15d7967e2ca81dc6afe5aa2783fdccd7cce7f6934a701f2
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
8348a9bd4cbd2e6a4eea21296f9ebc2847a2a87338e979611e4592364c9124a0
88d636b4d3169c12ee5aa3d9f6d554ec30f10369ec97f5acbf4e3389c331c51c
8ca47d48406d11cf043cee7446bad43bdc0f82875f117e67512c873bf044a504
8eba13e5751ff9f860ecbc77d39b32d38386d2e9c25c846d910f08773c8a8a00
92dc0fa646e3f748d1bed0adf2b1ecebc85555915159ee800c0d436376a4898b
97d0a814e3f1a2a5a21a75ad6be71c956ee5ede400d425f74dde9de37cbd692e
9c8ee8cfedeb75422bf154482ed5f7f717854cd1b9401c788fff0067b7eee7ed
9fd717ddcad2e1e7593b1702923e056b81d5a3d8693425400ab50da7ca2acc4b
a239303367d268dcb0e6807ca58e7dd8d99a2cfb44bc2628587ddc0d3f9ad646
a3e76ebc6edf9bc37382cdccd038f1150386308ca1a459d2db398ee8eb9d64a0
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
baf197803e3359a094afc2a346fd4fa2c8ce55cc4656bf084f8f147f2c361423
c095079d4a8e339b58e50c7dd7e2c205604265ce6ed653d5af15110e774c2d29
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
da8b7b3968cb8e8712a38c372213c90c05939e98e92ed602fe3e5f80d7751b2e
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d4d3c9e7a3b400fb9fe863ee646680ed6c34fb3ce8d7bf3422accf9ad07d06
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f028cd739046c8cf3e16fb29cfe86dc42392c99db0fe22b025e11b961b0aac93
f0debd8959e7e1d686deac03f5175a6f409cde08edefecb3088762ee0a5d1fd0
ffa6ec6e1f8fee3c07cd3a68986bc7b609a28c2c8767aee77d60c5c9d9143188

freesamplesprousa.com Open in urlscan Pro 138.197.231.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

40 %IPv6

23 Domains

30 Subdomains

28 IPs

1 Countries

2039 kBTransfer

2901 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freesamplesprousa.com Open in urlscan Pro
138.197.231.234 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

40 %
IPv6

23
Domains

30
Subdomains

28
IPs

1
Countries

2039 kB
Transfer

2901 kB
Size

15
Cookies

81 HTTP transactions
1 data transactions