freesamplesforusa.com Open in urlscan Pro
138.197.231.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cmtdo.com/r8wci
Effective URL:
https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruc...
Submission: On August 25 via manual (August 25th 2022, 6:34:23 am UTC) from SE — Scanned from SE

Summary HTTP 94 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 94 HTTP transactions. The main IP is 138.197.231.234, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is freesamplesforusa.com.
TLS certificate: Issued by R3 on July 17th 2022. Valid for: 3 months.

This is the only time freesamplesforusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	138.197.231.234 138.197.231.234	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
33	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
6	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	172.67.41.229 172.67.41.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	54.172.138.183 54.172.138.183	14618 (AMAZON-AES) (AMAZON-AES)
3	35.177.202.29 35.177.202.29	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.86 18.66.139.86	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
2	23.48.23.35 23.48.23.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	52.21.229.184 52.21.229.184	14618 (AMAZON-AES) (AMAZON-AES)
2	52.222.214.104 52.222.214.104	16509 (AMAZON-02) (AMAZON-02)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
7	34.111.96.116 34.111.96.116	15169 (GOOGLE) (GOOGLE)
1	52.222.206.97 52.222.206.97	16509 (AMAZON-02) (AMAZON-02)
1	23.23.142.3 23.23.142.3	14618 (AMAZON-AES) (AMAZON-AES)
94	20

14 138.197.231.234 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cmtdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imwhtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freesamplesforusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

canary-assets.freesamplesforusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gls.cap-cloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.229 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.172.138.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-138-183.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.202.29 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-202-29.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-86.fra60.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-35.deploy.static.akamaitechnologies.com

pxlgnvwe-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.21.229.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-229-184.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-104.fra56.r.cloudfront.net

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.111.96.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.96.111.34.bc.googleusercontent.com

dts.gnvwe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dts6.gnvwe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-97.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.142.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-142-3.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	freesamplesforusa.com freesamplesforusa.com canary-assets.freesamplesforusa.com	4 MB
10	leadid.com create.leadid.com — Cisco Umbrella Rank: 12962	6 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 21944 cdn.trustedform.com — Cisco Umbrella Rank: 24672	42 KB
7	gnvwe.com dts.gnvwe.com — Cisco Umbrella Rank: 480020 dts6.gnvwe.com — Cisco Umbrella Rank: 508678	2 KB
6	gstatic.com fonts.gstatic.com	97 KB
4	anura.io script.anura.io — Cisco Umbrella Rank: 48710 ads.anura.io — Cisco Umbrella Rank: 79474	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 259	1 KB
2	akamaihd.net pxlgnvwe-a.akamaihd.net — Cisco Umbrella Rank: 509341	37 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	117 KB
2	cap-cloud.co gls.cap-cloud.co — Cisco Umbrella Rank: 475376	3 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 13157	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 365	18 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 23590	38 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 391	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	imwhtrck.com 1 redirects imwhtrck.com	1 KB
1	cmtdo.com 1 redirects cmtdo.com	253 B
94	19

	Domain	Requested by
31	canary-assets.freesamplesforusa.com	freesamplesforusa.com cdn.trustedform.com
12	freesamplesforusa.com	freesamplesforusa.com cdn.trustedform.com
10	create.leadid.com	freesamplesforusa.com deviceid.trueleadid.com cdn.trustedform.com
6	dts.gnvwe.com	pxlgnvwe-a.akamaihd.net freesamplesforusa.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
6	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	freesamplesforusa.com www.googletagmanager.com
3	script.anura.io	freesamplesforusa.com
2	bam.nr-data.net	freesamplesforusa.com
2	cdn.trustedform.com	freesamplesforusa.com
2	pxlgnvwe-a.akamaihd.net	freesamplesforusa.com
2	www.googletagmanager.com	freesamplesforusa.com
2	gls.cap-cloud.co	freesamplesforusa.com cdn.trustedform.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	freesamplesforusa.com
1	dts6.gnvwe.com
1	js-agent.newrelic.com	freesamplesforusa.com
1	ads.anura.io	freesamplesforusa.com
1	create.lidstatic.com	freesamplesforusa.com
1	s.yimg.com	freesamplesforusa.com
1	fonts.googleapis.com	freesamplesforusa.com
1	imwhtrck.com	1 redirects
1	cmtdo.com	1 redirects
94	23

This site contains links to these domains. Also see Links.

Domain
www.tablefivecork.com
privacyportal.onetrust.com

Subject Issuer	Validity	Valid
freesamplesforusa.com R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.freesamplesforusa.com E1	`2022-07-15` - `2022-10-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-09` - `2022-10-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-25` - `2022-09-14`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
script.anura.io Amazon	`2022-07-12` - `2023-08-10`	a year	crt.sh
ads.anura.io Amazon	`2022-06-29` - `2023-07-28`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
dts.gnvwe.com GTS CA 1D4	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Frame ID: 3EDC28F537CE6B1AA5997B0D2F130D10
Requests: 86 HTTP requests in this frame

Frame: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Frame ID: 7027A2D0AFC09DB0C01D762CE0BDAD1D
Requests: 2 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Frame ID: 8FA67641808B6BF1A9962C4572944E79
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Frame ID: F8CB30CAE8BF4AB387F20DC13418E45E
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 749FA600AFF049E2D48517CE1923B777
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/snapshot
Frame ID: 5F30F32AFF6A69408807C98764E97071
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find Your Free Samples

Page URL History Show full URLs

https://cmtdo.com/r8wci HTTP 302
https://imwhtrck.com/phone-user?phone=8607298721&cid=ullkd&t6=freesamplesprousa.com&t2=08232022&t... HTTP 302
https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

94
Requests

99 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

20
IPs

4
Countries

4190 kB
Transfer

5527 kB
Size

24
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tablefivecork.com/o-wntb-k73-3891557382a7d44c5348750858d4b02b
Title: here

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/9778300d-e8e2-4455-a4ff-488f60a54302/3c364389-62cf-4140-8137-bb975dfae7e6
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cmtdo.com/r8wci HTTP 302
https://imwhtrck.com/phone-user?phone=8607298721&cid=ullkd&t6=freesamplesprousa.com&t2=08232022&t4=followup&t3=12067593553&t1=07102022&t7=hduf1&t8=39682589 HTTP 302
https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freesamplesforusa.com/
Redirect Chain

https://cmtdo.com/r8wci
https://imwhtrck.com/phone-user?phone=8607298721&cid=ullkd&t6=freesamplesprousa.com&t2=08232022&t4=followup&t3=12067593553&t1=07102022&t7=hduf1&t8=39682589
https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&session...

84 KB
32 KB

555ms
293ms

Document
text/html

138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

d65c0238b1b2ad29e66f8f2cf0b138814734f7f1b9d65409b9d788653da47d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: canary
leadgen_env_cookie
strict-transport-security: max-age=15724800; includeSubDomains
x-fastcgi-cache: BYPASS
x-powered-by: PHP/7.4.30
x-robots-tag: noindex
x-skip-cache: 1
x-verls: 5a952535-aaca-4c14-a855-5ceefa2b26e2
x-verluc: 0334409a-5825-47c2-9901-d2ae3f0f73d9

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 06:34:14 GMT
leadgen_env: prod
leadgen_env_cookie
location: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
strict-transport-security: max-age=15724800; includeSubDomains
x-fastcgi-cache: BYPASS
x-powered-by: PHP/7.4.30
x-skip-cache: 1

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 182ms
64ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

1f3bb2e889c6bab01d904eddc82b0a5913d60e6750419b026c6aafb1314e9ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 06:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 06:34:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 06:34:15 GMT

GET
H2 200 autocomplete.css
canary-assets.freesamplesforusa.com/css/ 2 KB
1 KB 273ms
145ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/css/autocomplete.css
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1454d94422094de6024289d48a780af176773df756835678a7adf39c2f1c17e5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN3PFJ9IIhRMypQgdZOdPUjhUXZIV9Gc9Oxu5wc%2F30ncwVYHAFLZ0sh6tnrwtlXuQSKw%2BIthO%2F%2Fhct1UwFBqzz8Ea8ae8k%2BW4bb%2B%2BVhfhT15EX6a47lfOxcwicSQdMYSBDTQmhCnMXHnifn02BCl6lNmIYMYeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d063ac9b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 fsfu-v2.css
canary-assets.freesamplesforusa.com/css/ 15 KB
4 KB 272ms
144ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/css/fsfu-v2.css
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7de054acc6027c209ce78c288cceb2aca0eb11b5ceae9ac76d167cbded6f5770

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=15624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-3d08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FOijIr2jlKxuw3Mvq7hJyZrNFiIWzPaLXn2SZe0DXo6CE3%2BoMbixUfzOJpnp8aJVkv44WqMIb7gGaoMkoCFd3u%2FurCbuGUIDAx3lrfldHQNw3lBHHJyKe9OaI2LFT9YhbUKaHdEyk4UxkP99oqWCEFNTSOVxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 74024d063accb7f7-AMS
cf-bgj: minify

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1002 B 155ms
154ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page&eventName=imp&eventValue=landing&theme=3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1005 B 160ms
159ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=section&eventName=imp&eventValue=registration&theme=3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1007 B 164ms
163ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page-ab&eventName=imp&eventValue=FSFU-Minimum-PII-Flow&eventData=ullkd

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 session
gls.cap-cloud.co/identify/ 70 B
1 KB 273ms
182ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gls.cap-cloud.co/identify/session?id=5a952535-aaca-4c14-a855-5ceefa2b26e2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: prod
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30
leadgen_env_cookie
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-skip-cache: 1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TakoKXuwk6zHqHOicCuMgpENJaF64UlmD4AOcAVSoUfHbLBEixuSrfUpK%2F11Ne9CUqgtA6OFibGrHTuvkFIv1TdxXAQEbWcQnH1flPePXYqG3%2FkFOnPfWIxMEr6lM8DK1DKs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private
cf-ray: 74024d05f8ebb512-OSL

GET
H2 200 grocery-img-1.svg
canary-assets.freesamplesforusa.com/images/ 1 MB
926 KB 355ms
309ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/grocery-img-1.svg
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d225521e3b8da8c5889a6c163ed81813225a71593a6544b05e7755873d7178a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-135b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOAfNToeg%2BrW4DLTeQOZJtxDqvx4ISFBLis5G6mrwOSZrETpuP3%2Frylnkia1S3B0EzOpQcwLtrTtPlQ2ucO9BYdVgC1uehK6OYODgPz1dDcHnQGSaEEi21ABi0d1dZI0JDttfPRAMZZAT35t2uO3yBUBhUMw8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d063ad3b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 arrow-left-1.svg
canary-assets.freesamplesforusa.com/images/ 1 KB
1 KB 189ms
143ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/arrow-left-1.svg
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8391e743111b929489427646dc7cfe9d01d9ac858f6a6a1c7855017474147c06

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAa0Mt1qaITE4bG7lwsmjszhXDmlGP2DINQz4vZTIGupDMlI%2BS2xS9cLIRkZIUCIGmaJpLfBW%2BOuzNqf2a%2FG66SW%2FT%2FeGY%2BuqDm%2B4iyHrdiZ3oIooedih%2BNVZaMtgMFBwZzKAYe87paE1vNSMpUMA%2BhobHVmig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d063ad1b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 arrow-right-1.svg
canary-assets.freesamplesforusa.com/images/ 1 KB
920 B 191ms
145ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/arrow-right-1.svg
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b77d1802a959e3dbc743116cfed1f8c08ee1a6e276f9902b15803de9589cc5d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLlJsV44mYTbvMlidMrjp%2BrlbqiXrxUKJLHanUhDvw38k%2FSkpM8rZcXWs8oPBOgPwSxkri48ks4EVDvvsjZaKodtdO9rfRrYVPOOsE456KRp%2B%2FjPN4Pmz1mr4t12ErVUSA8OWNswQK19wQDzerIoMFD%2FhVXERw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d063ad2b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fsfu-man-2.png
canary-assets.freesamplesforusa.com/images/ 180 KB
181 KB 303ms
258ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/fsfu-man-2.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe042b43127ca6ed2fbd91cd4d0c7deeceab41bf1268ea7d49d6b0509284ba2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-2d117"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl6t%2BKaqnWRckYG4xwUlszZp40E0CIuGIhNYnfMaNA6DAgT6yWC5kXbuiHV5xDQYLUZ3SvsO4vaTtA1aP2f88XOGfXi5gJeyIyhf5PlcB2M6v7GZZysWNQ75EZP%2BxDpNr4RnWjV5ETCN7LUwVazgPtCTIvgLYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d063acfb7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184599

GET
H2 200 user-bg.png
canary-assets.freesamplesforusa.com/images/ 94 KB
95 KB 230ms
228ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/user-bg.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2331cb936c09f333c1ee32d20ee14dacf20bc100a27728819152e9fa581ff6cf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-177d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adJWqdIpVEh3KALfmisJPj8Pkyo3OK6Bb417yxGR4GqLTkivjuBi91lm%2Bk6UJaZzDSzSVO%2BjphGaWdrqA0WmGEeSzCaGb7Zq7UuC9nioFhEMKVeUsK1Sq7epkj4d06STDavau9gW0yU%2F346HHpY6egMHpCRx5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b57b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96213

GET
H2 200 charminbranded.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 77 KB
78 KB 227ms
225ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/charminbranded.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014cd52a32688c03283862bce0847e3178fba7ba4161a413afee343b245f1114

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-13486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw9CLD%2FPnn7SPPQHckHPw%2FySJrFjc0jNepLAmdIxGjOzb8z6LbfW8Ep1%2BJylRKtIhCJnSRMZzSYUzFMwco7HMtd33sHM%2F%2FevWm0pwEwNiPV5PrPZJD4sS56DQqaYUqtEhr80JBNU12Ki5PBUmY4903qXH5nH1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b58b7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78982

GET
H2 200 mcdonalds.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 97 KB
97 KB 230ms
228ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/mcdonalds.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0df5dce1e80da671585b69131410cad07a404795cd02cb5b7f2fca3beb0e6c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-18283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sABeXUVtzCH9s9NJZjJhcgHMZvdje5babJKqzrqJ5Kip5J%2Bw%2FoBBL6YB%2FnvuJADOyIuaB8SY3%2Bd1eFcy93PxtQYrKbSiCMIYWSESCjnazLFMemw6%2FDvCOYDFkGn0k0qGvtm43f0kVehgyKpM9qW3xVqosVKXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b5ab7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98947

GET
H2 200 burgerking.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 317 KB
317 KB 228ms
227ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/burgerking.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeee6196a221d1735061129151b360782d9788fe0f5b05ab6dec270f24e272f2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-4f27f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa2I1UhxfwwwMl7yEhAVLMQkaYppz3mCXyhWBVQVHe5ZMxDqu0%2BUkUMywLFExrEPIyVe1tWglGBhZ2czqV0ZM7IVZUOIuLjsyan2zGFDrfDV2xR3vzSXPXuGUHDQ9Qwz7gQ2NVfR2xWM19X5kNNlhFMfqvDYYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b5bb7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324223

GET
H2 200 sephora.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 23 KB
23 KB 227ms
225ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/sephora.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3be68092e713a8347ac772538be77452ad3fdd25f1145edb7ccf48ccd890be

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-5c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noqw2932%2Fa0A5eAAQAV6Zdp1KSQD%2F2wEndRenugS9KCnxmayLvfeiGkrs%2B11qOc%2FM%2FmIsP2Qj%2FGp657mPuLaRrpZahuhfwFHPfj1Bn6nIE9kJ6nF6PFbdcQhwa14P%2FMzlDGd5aAbw9Voum0LWeBryadI0wBolA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b5cb7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23601

GET
H2 200 downy.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 87 KB
88 KB 170ms
169ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/downy.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbfad48a108f539f969b93f459c5984d4b9f111bae46f4018b2267108e8ae58

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-15c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7I8Xu4zKhrT8fGEfPDHGB%2BAeKZOvbbabLuGxt9%2BymkQMy%2F82jVrnCwxo4aTaxcH%2B%2FJt5kFG%2F2TXewfQ4XI7GwCbXvuR9fBiqXcP84PJiYZ4j16N7%2B%2B%2FLsvrFLi9ihH1EpZMLEhnMkE7hUJXwmn0MRDC0cyNdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b5db7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89237

GET
H2 200 esteelauder.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 26 KB
27 KB 229ms
227ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/esteelauder.png
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d024229b74abff5260d3593df9e9b2bcc8785a5e93425fa0d0efb084357995e7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-69d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8cBDcjChRn7CLWVUaF2JSWEoWT4tLwNF9i24AyakWZGXS9g6haKXUOgHWSNxAPLV4YeOumo1%2FrHh2gEGT3o5Dvk2gG03K2bnRjD1Gm%2BjquDBcOTRzQGth9WEwe%2BkIQF0NKfkE0Wg%2FU8QIaAWQSSGb8hfXR1qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d069b5eb7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27096

GET
H2 200 config.js Show response
freesamplesforusa.com/js/ 22 KB
10 KB 149ms
147ms Script
application/javascript 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesforusa.com/js/config.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

a207f540553ccb7f29ff60da4d6e5cea22dcbbaa88c22bb2b222b7bc51f519f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
leadgen_env_cookie: always
content-type: application/javascript
x-fastcgi-cache: BYPASS
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

GET
H2 200 app.js Show response
canary-assets.freesamplesforusa.com/js/ 46 KB
12 KB 230ms
228ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/app.js?ver=1.2
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1dee938e57b4565d350be284bdc68e46649245e51eb8ea5ab431acc2034e913

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=60036
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-ea84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJg%2F7QHidaE08rvPd6oxd7Tq3cevsLxqbJcAb2ueJoC1UqAUOhUQh%2FBdz0KlAdBl%2FZsaHlE7LSpNDhblNRQTAqmkWvlEsWmr3uOV%2Bksx11OyBemvmcBM63bPBJgIO1l1ngzDOhx0bvdMoH36QKJ6SFwgSyNzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d066b17b7f7-AMS
cf-bgj: minify

GET
H2 200 lander.js Show response
canary-assets.freesamplesforusa.com/js/ 40 KB
10 KB 168ms
166ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/lander.js?ver=1.2
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d53f6f78b6059f1ae0944ba7c73e55bff8d45bfe72b40d8c32be21e5d9696aee

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=55331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-d823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsvmnT4lv2uJKoOaRaybWc267XfbBmuUkTngQ%2Fuasub9GrHwXvmHEJ%2FgqjDo7YrbtswvYB2yQAj1BOuRheQwqYNcHgmcX3pUkm%2Bgsd23WY9gGyTyeZJiLWAiC25lX0OipaFzrfBP%2F6daWkRkmi%2FO2Tn2ry4C8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d066b18b7f7-AMS
cf-bgj: minify

GET
H2 200 register.js Show response
canary-assets.freesamplesforusa.com/js/ 42 KB
11 KB 226ms
224ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/register.js?ver=1.2
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e422a17f5f9c51b2e507dbde6a92c9ac26c3f4f6d3e02cc046ddced7410c41

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=56904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-de48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9AA4lpb%2F9lnW58HMI3aGWyg8MynlnKk4mxqhKq25IEYK13CFnNHPQbjZtA8eNNUPvWo15suackJeQOpJ9O6KI%2BV%2FPrxtWJdRYpUWOdjcJWTzHFNG4NIJSjWfxKYpM5%2BG2lhzKdJYn61Er8Z1KMQ8a2t0EPcew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d069b53b7f7-AMS
cf-bgj: minify

GET
H2 200 leadgen.js Show response
canary-assets.freesamplesforusa.com/js/ 32 KB
10 KB 173ms
171ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/leadgen.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd717ddcad2e1e7593b1702923e056b81d5a3d8693425400ab50da7ca2acc4b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=42288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-a530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlIUE1T%2FVg3z1w%2FO5N3VnmaL9NNi%2FuwAbXcq%2Fp5CHJ2VZttszboe2r1oLrE4Jg2xCScZiZjRxQDM1J7HvqmsST%2FzXmGjrTkWJBX1tK9VE7sQttI%2FcPxqXPX6IbeU5r8B0bDDlr6BUyYPAkhp3GjfgVuDejAgEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d069b54b7f7-AMS
cf-bgj: minify

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 163ms
53ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: TEF345KSJSZRKV4N
x-amz-id-2: FL/mw7RtirE0pMTBWYJs7GhfFSvKxg74cDer4vBNEULTEyIMDH1x6JDNzbTVHKL+5x57JgtinaE=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 common.js Show response
canary-assets.freesamplesforusa.com/js/ 449 B
532 B 226ms
225ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/common.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7280aa126dc7f58a2f993528ecf6e192606272fc79aa799b3ef935c94afdbf61

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-1df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ0lbjiNMZcKDLhRgo769kOmWD5ZR0O8M5oU3FwJuAGlrmf8N7rPhWeJjNBLYNlX7fIt6t%2F0w1psWdFrmgJo3kJZxb77UfoGe4gdZRPNKi4jacm2L3bM4QJcuEWnh05Y1StaPkzO6PGImBRnpw652aHxDQIlhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d069b56b7f7-AMS
cf-bgj: minify

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 176ms
56ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:07:43 GMT
x-content-type-options: nosniff
age: 242792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:07:43 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 191ms
73ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:46:57 GMT
x-content-type-options: nosniff
age: 236838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:46:57 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 268ms
150ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:55:52 GMT
x-content-type-options: nosniff
age: 207503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 20:55:52 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 284ms
166ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 33072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 21:23:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 270ms
171ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 40111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:25:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 217ms
118ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&family=Montserrat:wght@300;400&family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freesamplesforusa.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 11395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:24:20 GMT

GET
H2 200 d12cbc34-f803-d620-fc88-5126b38f6541.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 900ms
824ms Script
text/javascript 172.67.41.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/d12cbc34-f803-d620-fc88-5126b38f6541.js?snippet_version=2
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94350a94560d49560348e99b1dadb19d92803cde005c940ce27c659671256b91

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 70HF92AH9GE717Z5
x-amz-server-side-encryption: AES256
cf-ray: 74024d08ad399915-ARN
x-amz-replication-status: COMPLETED
x-amz-id-2: wc1tmfpWCDiycJ+4I8T7mnknvsOreKC6csKm2HvG9p4t0pgAIu3phYk0bh0CIaCOL/2YOAMXFeE=
last-modified: Tue, 24 May 2022 10:19:11 GMT
server: cloudflare
etag: W/"5f55d7e4a062787d2443550be64c998b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gymKNa4KvcQ.7VTyrx1ZqlqHpuN0_WRP
cache-control: max-age=1800
content-type: text/javascript

GET
H2 200 anura.js Show response
canary-assets.freesamplesforusa.com/js/ 3 KB
1 KB 148ms
146ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/anura.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92dc0fa646e3f748d1bed0adf2b1ecebc85555915159ee800c0d436376a4898b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-f0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7P7nvSx9Rhz3KoyTwCmN8RXH30eXFgZRWuvaij3KNcujl06NojM3gLRZ7bTmbKaT1szYmSVzc6i%2Fd%2BmBT%2BH%2BESIB7KqHT%2FH4TUkzC0PkPHUKctySpzKcCdOjN4f0npHSZKxKvJUCwNlMQDX26hkvvGeZ3%2BO3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d084d89b7f7-AMS
cf-bgj: minify

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
643 B 427ms
143ms Image
image/gif 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=262f10e5-92f1-5de1-e89d-f5f47859f22e&lck=262f10e5-feed-beef-cafe-f5f47859f22e&snippet_version=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
content-encoding: none
last-modified: Thu, 25 Aug 2022 06:34:16 GMT
server: nginx
etag: 5998FC07-FE4F-49E1-980B-671FCC0D0722
access-control-max-age: 1728000
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 blacklist.js Show response
canary-assets.freesamplesforusa.com/js/ 1 KB
703 B 376ms
376ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://canary-assets.freesamplesforusa.com/js/blacklist.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a8671a5f897d1593aa709ddc246723cf20cc7a863cfb02020f55edca6a2e9a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1532
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 11:42:13 GMT
server: cloudflare
etag: W/"6304bd15-5fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsS3EHzIjKtLWzGXmznr3%2BUYz%2FiA0BA2TAsNQlN%2Bsa33htjwf40XzYQmNmN7PYAIBVWb9Jz%2FhfJCwinMXqTGqSu%2F4R2obitX%2Fwm51gztXKyQrYY3lLD7hx76%2BlA1aTMB5nHbmpsOl9FqMyp0zZLv2p51dylZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74024d084d8bb7f7-AMS
cf-bgj: minify

GET
H2 200 request.js Show response
script.anura.io/ 50 KB
18 KB 268ms
140ms Script
application/javascript 35.177.202.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3508576879&source=null&campaign=ullkd&exid=5a952535-aaca-4c14-a855-5ceefa2b26e2&callback=anuraCallback&370828018838

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.202.29 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-202-29.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4fcb264a1e720e563c99d094b1ed8a59b0f9fc7c944feaac84909bbb0ff288b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 showads.js Show response
ads.anura.io/ 0
351 B 171ms
53ms XHR
application/javascript 18.66.139.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?314798561296
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-86.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:37:13 GMT
content-encoding: gzip
server: nginx
age: 25022
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: nhMj0aKIfZ6of6Tf6zLnKJE-baY7v6rKznHy93eucvH81GHImwUFEQ==
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.11/ 36 B
659 B 466ms
193ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/GenerateToken?msn=1&pid=7f908efd-522b-4708-af5b-92224c4f898c&_=360838881

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4b4ae9e215938755932c46914cd18ab60dc5de29ad97f76fd4f224f678e507cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 100ms
31ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: SYTECJR5CMD8NJ8E
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-served-by: cache-bma1640-BMA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1661409257.694499,VS0,VE0
date: Thu, 25 Aug 2022 06:34:16 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2228

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
46 KB 187ms
69ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5TWVWWK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e2337afc281aacc683f841eeeb2a5d4714e78f00a7d1ef571cae6b2d0a10c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46149
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Aug 2022 06:34:16 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlgnvwe-a.akamaihd.net/javascripts/ 98 KB
32 KB 336ms
181ms Script
text/javascript 23.48.23.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-35.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: dd3783a410137f4334a7f6c8b688737c65e2044bc58ac6dc170f2a78c3cd31e4

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 06:34:16 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 32881
Expires: Thu, 25 Aug 2022 06:39:16 GMT

POST
H2 200 campaign-initiate Show response
freesamplesforusa.com/api/survey/ 1 KB
965 B 167ms
166ms Fetch
application/json 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesforusa.com/api/survey/campaign-initiate?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589&uid=5a952535-aaca-4c14-a855-5ceefa2b26e2&leadgenuid=0334409a-5825-47c2-9901-d2ae3f0f73d9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

c15921a53da4b7dfd9faa47b637d3a507b25457e8f50b0bb98167ff0e6e6dbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

X-VERLS: null
X-VERGL: null
Content-Type: application/json
accept-language: se-SE,se;q=0.9
Accept: application/json
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-VERLUC: 5a952535-aaca-4c14-a855-5ceefa2b26e2

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: application/json
access-control-allow-origin: https://freesamplesforusa.com
x-ratelimit-limit: 256
x-ratelimit-remaining: 255
cache-control: no-cache, private
access-control-allow-credentials: true
leadgen_env_cookie: always
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966

8 KB
4 KB

307ms
173ms

Script
application/javascript

52.222.214.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966
Protocol: H2
Server: 52.222.214.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
x-amz-cf-id: beoMRDh0s8lARdNKVqiGzA-FYogizaazrCOmByTC65ptYdIRm0hTtA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966
date: Thu, 25 Aug 2022 06:34:16 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1010 B 153ms
153ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page&eventType=page&eventName=imp&eventValue=tcpa&eventPage=&r=34061

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:16 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 response.json Show response
script.anura.io/ 47 B
401 B 355ms
237ms XHR
application/json 35.177.202.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.202.29 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-202-29.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2f4c61b8a3090d86cf089478032e6213bea6aeaec5c35b22deadfc383f71e70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK NRJS-2598d96435bb8be4aff Show response
bam.nr-data.net/1/ 49 B
632 B 1080ms
1004ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-2598d96435bb8be4aff?a=1717442295&v=1216.487a282&to=blZaYUUHXUdVVUdbW1cceVZDD1xaG3dDQmhxR0xFayVcWkBEXF5YXEFLaWcHVFF3WV1GRlZfVFBFJlRRQHpSXFBcQWhUUAM%3D&rst=2943&ck=0&ref=https://freesamplesforusa.com/&ap=161&be=1460&fe=2829&dc=1913&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661409253778,%22n%22:0,%22f%22:852,%22dn%22:852,%22dne%22:865,%22c%22:865,%22s%22:986,%22ce%22:1114,%22rq%22:1114,%22rp%22:1407,%22rpe%22:1545,%22dl%22:1410,%22di%22:1912,%22ds%22:1912,%22de%22:1913,%22dc%22:2829,%22l%22:2829,%22le%22:2844%7D,%22navigation%22:%7B%7D%7D&fp=1778&fcp=1778&at=QhFZFw0dTkk%3D&jsonp=NREUM.setToken
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 06:34:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 74024d0f1e9fc7f3-TLL

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 189ms
74ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5YNGWE96D1&l=dataLayer&cx=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

54be7235ebc9fae405d472d16c672a31777963f3004271c7721b28773ae715ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73411
x-xss-protection: 0
expires: Thu, 25 Aug 2022 06:34:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 171ms
54ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5537
date: Thu, 25 Aug 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 07:02:00 GMT

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlgnvwe-a.akamaihd.net/javascripts/ Frame 7027 12 KB
4 KB 57ms
57ms Document
text/html 23.48.23.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-35.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://freesamplesforusa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Aug 2022 06:34:16 GMT
Expires: Thu, 25 Aug 2022 06:39:16 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.gnvwe.com/ 7 B
324 B 212ms
138ms Ping
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/ptmdP
Requested by: Host: pxlgnvwe-a.akamaihd.net
URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
via: 1.1 google
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 7

GET
H2 200 cenw.js Show response
dts.gnvwe.com/ 36 B
355 B 210ms
137ms XHR
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/cenw.js?identifier=bafp
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 82c0ba8a37670f63e3da3e4fed7feb7fcc9ceb8fbb5ace093c6c07677f792cda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
via: 1.1 google
etag: W/"24-oMi4ffZI36zW9u91O1qksQ"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 36

GET
H2 200 ptmdDual
dts6.gnvwe.com/ 70 B
335 B 212ms
138ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.gnvwe.com/ptmdDual?t=%7B%22gh%22%3A%221661409256957243651574908%22%2C%22za%22%3A1%2C%22gcd%22%3A1661409256972%2C%22al%22%3A24%2C%22bcnd%22%3A1%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

POST
H2 200 result.json Show response
script.anura.io/ 41 B
396 B 72ms
72ms XHR
application/json 35.177.202.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.202.29 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-202-29.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 8FA6 3 KB
2 KB 169ms
53ms Document
text/html 52.222.206.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.206.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-97.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Age: 39687
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 25 Aug 2022 00:43:27 GMT
ETag: W/"6298d697-dbb"
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wZSJGu77njIoOe--TQFBe401C-LKpx7yRB12o9ryKQIvYb0mHLgQWw==
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.11/ 0
622 B 141ms
141ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/SaveDom?msn=2&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838882

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.11/ 0
622 B 140ms
140ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/InitFormData?msn=3&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838883

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 184ms
64ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1359964084&t=pageview&_s=1&dl=https%3A%2F%2Ffreesamplesforusa.com%2F%3Fcid%3Dullkd%26fname%3DBarbara%26lname%3DHaney%26gender%3DFemale%26email%3Dbhaney1227%2540gmail.com%26address%3D40%2Bspruce%2Bstreet%26mobile%3D8607298721%26zip%3D06040%26date%3D22%26month%3D01%26year%3D1963%26sessionid%3D5a952535-aaca-4c14-a855-5ceefa2b26e2%26t1%3D07102022%26t2%3D08232022%26t3%3D12067593553%26t4%3Dfollowup%26t6%3Dfreesamplesprousa.com%26t7%3Dhduf1%26t8%3D39682589&ul=en-us&de=UTF-8&dt=Find%20Your%20Free%20Samples&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=666054561&gjid=270756557&cid=598540755.1661409257&tid=UA-234660794-1&_gid=681194947.1661409257&_r=1&gtm=2wg8m05TWVWWK&z=102915577

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:34:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesforusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cenw.js Show response
dts.gnvwe.com/ Frame 7027 36 B
126 B 137ms
137ms XHR
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.gnvwe.com/cenw.js
Requested by: Host: pxlgnvwe-a.akamaihd.net
URL: https://pxlgnvwe-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f640570f6221c3cd04bb2b18304f75b335f0f3bf0e307c4f15134098b8860518

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pxlgnvwe-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
via: 1.1 google
etag: W/"24-6uOCN0P7Wz3klEF+R3ANAQ"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 36

POST
H2 200 update-anura-response Show response
freesamplesforusa.com/api/survey/ 27 B
391 B 148ms
147ms Fetch
application/json 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://freesamplesforusa.com/api/survey/update-anura-response

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

7bbde71e5f3d9e7fbcaccebabcd5064f0de17fd4cb5a3a79dee5db1278d6ac91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczpcL1wvZnJlZXNhbXBsZXNmb3J1c2EuY29tXC9hcGlcLyIsImF1ZCI6Imh0dHBzOlwvXC9mcmVlc2FtcGxlc2ZvcnVzYS5jb21cLyIsImlhdCI6MTY2MTQwOTI1NiwibmJmIjoxNjYxNDA5MjU2LCJleHAiOjE2NjE0ODEyNTYsInVpZCI6IjVhOTUyNTM1LWFhY2EtNGMxNC1hODU1LTVjZWVmYTJiMjZlMiIsImN1cnJlbnRwYWdlIjoibGFuZGVyIiwiY3VycmVudGh0bWwiOiJmbG93XC9sYW5kZXJcL2ZzZnUtbGFuZGVyLXYyLmh0bWwiLCJzdWJtaXRQYXRoIjoic3VydmV5XC9yZWdpc3Rlci11c2VyIn0.9HUo-LeTb863q1XO4pGeOtfOwnY-HBSJP4Opo4clwrE
Content-Type: application/json
Accept: application/json
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
X-VERGL: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-VERLS: null
X-VERLUC: 5a952535-aaca-4c14-a855-5ceefa2b26e2

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: application/json
access-control-allow-origin: https://freesamplesforusa.com
x-ratelimit-limit: 256
x-ratelimit-remaining: 254
cache-control: no-cache, private
access-control-allow-credentials: true
leadgen_env_cookie: always
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1003 B 163ms
162ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page&isBase64=1&eventData=eyJyZXN1bHQiOiJiYWQiLCJtb2JpbGUiOjAsImFkYmxvY2tlciI6MCwiZXZlbnQiOiJBbnVyYVNwYW1DaGVjayIsImVsdGltZSI6MH0%3D&eventType=page&eventName=anura&eventValue=spamcheck&eventPage=&r=54545

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 84ms
64ms Ping
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5YNGWE96D1&gtm=2oe8m0&_p=1359964084&cid=598540755.1661409257&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661409257&sct=1&seg=0&dl=https%3A%2F%2Ffreesamplesforusa.com%2F%3Fcid%3Dullkd%26fname%3DBarbara%26lname%3DHaney%26gender%3DFemale%26email%3Dbhaney1227%2540gmail.com%26address%3D40%2Bspruce%2Bstreet%26mobile%3D8607298721%26zip%3D06040%26date%3D22%26month%3D01%26year%3D1963%26sessionid%3D5a952535-aaca-4c14-a855-5ceefa2b26e2%26t1%3D07102022%26t2%3D08232022%26t3%3D12067593553%26t4%3Dfollowup%26t6%3Dfreesamplesprousa.com%26t7%3Dhduf1%26t8%3D39682589&dt=Find%20Your%20Free%20Samples&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5YNGWE96D1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:34:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freesamplesforusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame F8CB 4 KB
2 KB 443ms
139ms Document
text/html 23.23.142.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.142.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-142-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 06:34:17 GMT
etag: W/"62a74f42-1049"
expires: Fri, 26 Aug 2022 06:34:17 GMT
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 201 certs Show response
api.trustedform.com/ Frame 749F 475 B
686 B 412ms
139ms XHR
application/json 52.21.229.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16614092566210.004219677001749966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.229.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-229-184.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 2fdf0cd54b5066c0bdbde4e4691d70581c12d5736d737434ff497de5f5b55f74

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 ptmd
dts.gnvwe.com/ 70 B
139 B 138ms
138ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.gnvwe.com/ptmd?t=1661409256957243651574908_N4IgtgniBcDasEYA0AmALAViQdgGwGYl8AGbJADl1wF1qkQB3ARxljvAgCdX2A7AQ1ZoUATjQjc2FLjRIE+NMXLZi+EUgwklaciT78AzjFH0AlvzCti7c0ejl6ADwBmMEMVzOEAY1EATACMUX2wMchQAUwD8APJiNC8UDAIUFRAnZwAXN10I3AiREQDnRQDsNFwUfGdvfAx5Zz9ibwwRYhQ-dJAAa0FoEC9sfjCUYgBadGqxhAQIvzGAwNwx1XwpYmII5wDiru6AmGQQbwA3N2AAHRAAGwB7b35rgH0DTNvOfgBzCKvoK8HhuFxpNnNNZvNFgFlqt1pttsUrkgrgYIgYDKZbrwXm8Pt9fv8EEMRsC0FMZnMFksVvg1qM4TtnIirt5brduqYIk8-PxMvx8QNCYDRhNSaDyRCqTC6VsGVcAL5dT6ZVxwYhINUa9XsJV2WCa5Aa9ivXWa03sCLeTKWfpocpdUxnaDEAB0WBArx5AFddWhZCYSEh1AgROwAF59I4AB0+bjO9E+AAs3AgqAhFCIkrgRBgpKTcPUc+IlF0TnYQLhnS7xCIuo9jLIBt4YNN6BFMqZk6n05muq8Y076AZup3cGniBnkk98+h2qSFHUuhFTJHk+QMM609hnSh5M7SSWItx+pHOLdOq3PRH6J6OwOQBETtcePRI6Xn+7rq8R2OJ1nNF1rhVI5vG9TInlMTp+k9a5rm6c8QBOUxwMgkAMH4bMkjqMZ+H4B4xjQbw02wtcMDGDBvAiLZ+BQIJ8hQRUm2gFNR27HMMHaegmAiQ56GcW8UDlIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.11/ Frame F8CB 0
625 B 140ms
139ms Script
text/javascript 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/SaveDeviceId.js?lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E&lck=D12CBC34-F803-D620-FC88-5126B38F6541&methods=48&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&uuid=fcd54cc2ea844bc19f2a8ffcc4152c6f

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=D12CBC34-F803-D620-FC88-5126B38F6541&lac=262F10E5-92F1-5DE1-E89D-F5F47859F22E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK NRJS-2598d96435bb8be4aff Show response
bam.nr-data.net/events/1/ 24 B
509 B 670ms
670ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-2598d96435bb8be4aff?a=1717442295&v=1216.487a282&to=blZaYUUHXUdVVUdbW1cceVZDD1xaG3dDQmhxR0xFayVcWkBEXF5YXEFLaWcHVFF3WV1GRlZfVFBFJlRRQHpSXFBcQWhUUAM%3D&rst=4049&ck=0&ref=https://freesamplesforusa.com/
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 25 Aug 2022 06:34:18 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://freesamplesforusa.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 74024d1588c9c7f3-TLL
Content-Length: 24

GET
H2 200 trustedform-1.8.27.js Show response
cdn.trustedform.com/ 99 KB
37 KB 72ms
72ms Script
application/javascript 52.222.214.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Requested by: Host: freesamplesforusa.com
URL: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
server: AmazonS3
age: 18
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
date: Thu, 25 Aug 2022 06:34:17 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: PQa-UaqY4hNkKJ721try8JkpNN27KQYvUM0MiNobhMyLRxz-tzEQuQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/ Frame 5F30 0
159 B 276ms
275ms XHR
text/plain 52.21.229.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.229.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-229-184.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 06:34:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1007 B 156ms
150ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page&eventName=imp&eventValue=landing&theme=3

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1007 B 177ms
170ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=section&eventName=imp&eventValue=registration&theme=3

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 image.png
freesamplesforusa.com/event/ 70 B
1006 B 166ms
159ms Image
image/png 138.197.231.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freesamplesforusa.com/event/image.png?eventType=page-ab&eventName=imp&eventValue=FSFU-Minimum-PII-Flow&eventData=ullkd

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.231.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/?cid=ullkd&fname=Barbara&lname=Haney&gender=Female&email=bhaney1227%40gmail.com&address=40+spruce+street&mobile=8607298721&zip=06040&date=22&month=01&year=1963&sessionid=5a952535-aaca-4c14-a855-5ceefa2b26e2&t1=07102022&t2=08232022&t3=12067593553&t4=followup&t6=freesamplesprousa.com&t7=hduf1&t8=39682589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
leadgen_env: canary
x-skip-cache: 1
x-powered-by: PHP/7.4.30
vary: Origin
content-type: image/png
x-fastcgi-cache: BYPASS
leadgen_env_cookie: always
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 session
gls.cap-cloud.co/identify/ 70 B
1 KB 214ms
167ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gls.cap-cloud.co/identify/session?id=5a952535-aaca-4c14-a855-5ceefa2b26e2

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
leadgen_env: prod
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30
leadgen_env_cookie
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-skip-cache: 1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyRzHCioHO6iaJUR4sKCJYEpygDMFosvqszBY912z8NdFj%2FR59ht9cWyfPUD5Yw%2B2yRwtMxfofMcggf%2F%2BS5jcVYDFPAmglkd44cB2Uu8Dgv3sxWU1kK%2FPvq9N6OczpVwakxF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fastcgi-cache: BYPASS
cache-control: no-cache, private
cf-ray: 74024d175a620b41-OSL

GET
H3 200 grocery-img-1.svg
canary-assets.freesamplesforusa.com/images/ 1 MB
925 KB 329ms
325ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/grocery-img-1.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d225521e3b8da8c5889a6c163ed81813225a71593a6544b05e7755873d7178a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-135b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOv6zSFgDhiW1mp6OiPN5hWfpVZkt4UR1SeMkCnd8%2FWOkK4q9gobo5iBhqmJ%2FV0o%2F%2Bak8%2Bg0jSspE1ZWTeGI3JjUXDsljBk1cvzYZKPhxxn2A6c7efMknKzdWBqvNCUIExhVpZMLdikqcgc%2FS%2BsQPZVRV9asoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d173b25b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 arrow-left-1.svg
canary-assets.freesamplesforusa.com/images/ 1 KB
1 KB 329ms
325ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/arrow-left-1.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8391e743111b929489427646dc7cfe9d01d9ac858f6a6a1c7855017474147c06

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqcGHJRK0fdV4kq7MIZyxRdYlcQNtBwZrKdAzH8rispXXQvlY1eMeNayn7NXnID%2FZCS2qXknfSdkP8AECl7JB3ESeIaZO2MLNVGOms0AIiZlRzhR%2BibbFMhuedXNA2Shy7sKuWMzzdhdD095E9bxyoRFFDkDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d173b26b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 arrow-right-1.svg
canary-assets.freesamplesforusa.com/images/ 1 KB
1 KB 158ms
155ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/arrow-right-1.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b77d1802a959e3dbc743116cfed1f8c08ee1a6e276f9902b15803de9589cc5d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: W/"6304bd12-436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7HsNfXCq8eS1cz6k8k2AQ9qhU%2BXUziGaavTCJcEUCuG%2BCfwTTLTZmGU8S53Tlxrg%2FAz%2BkHqduQmeGEp%2Bxg5SU1ViVqnBqZEava9rntRWEHKX2zYGCbWN8voJSxgI2PWnJmeYt60MDeF96OB8gLdXxamHnr2iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74024d173b27b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fsfu-man-2.png
canary-assets.freesamplesforusa.com/images/ 180 KB
181 KB 329ms
326ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/fsfu-man-2.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe042b43127ca6ed2fbd91cd4d0c7deeceab41bf1268ea7d49d6b0509284ba2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-2d117"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh%2B5cLmIE3tSl9uh0ownbqrst%2B6UQJgGFx%2FPEzKVV9gxORf4EkBBcqwzOAJF5VkwP5BK3dzNs2WgnI4L2yRIQtFx%2FTzBAsCFZFow0R6Uvld1SemlXTz9u0iFWs%2B16y3Ozqjw149m%2BNU7SwZ8m3zWj8mqaEMw%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b2bb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184599

GET
H3 200 user-bg.png
canary-assets.freesamplesforusa.com/images/ 94 KB
95 KB 645ms
641ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/user-bg.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2331cb936c09f333c1ee32d20ee14dacf20bc100a27728819152e9fa581ff6cf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-177d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=144WWt6vKAbIDRgSemH9xSGVEd2WAiv%2BE%2BYCz%2Ft5d0KwMfPg25GRLSOzuI43HgZ3WfJNNCFTn2y%2BPw84DhjlX%2F31rObLdbluBsN2GBAz1F1mkhnssaG9%2Fka%2FBquMo4H1ZewXdQhgBKzJPHS8O1tggmVfIOgjcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b2eb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96213

GET
H3 200 charminbranded.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 77 KB
78 KB 655ms
651ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/charminbranded.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014cd52a32688c03283862bce0847e3178fba7ba4161a413afee343b245f1114

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-13486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6g%2Bko9DzR9kfxLYpiH4QG1%2FCr6C3FnQpXgESnsP7svGt4%2F0IEuUIZT0iPVMKqHNbcqrie6kiA486tja%2F0n4hllmT%2BJkR25fhlFJ29Z8M8ibDxPBLJe5HG00zbp%2BghqvIko1U4K9xwCoSe8i6H1%2F0OTuRnvmGnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b2fb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78982

GET
H3 200 mcdonalds.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 97 KB
97 KB 656ms
652ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/mcdonalds.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0df5dce1e80da671585b69131410cad07a404795cd02cb5b7f2fca3beb0e6c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-18283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cegLiMfTJNARtDU1VOz5Xlg2YQlHAfWfnbcNM9VQuY9tiSyrmWY7esHy4uL%2BFOKmbD2OcHVdQQJt1CdWn37L3nLcgzQl1nTB%2F95w%2F2%2BMLGeVTmb6jEPmLKePhYSR7wC0wMznKCrzaxfxS4dFYnwXA%2FPL%2Bb5O4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b30b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98947

GET
H3 200 burgerking.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 317 KB
317 KB 213ms
210ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/burgerking.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeee6196a221d1735061129151b360782d9788fe0f5b05ab6dec270f24e272f2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-4f27f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm%2BXsocYaKL%2BoohF4%2F9dHYoIaoOUDI%2B7duXFE2IfZNVdwdUtyVemVVDt1klJBKtj3sYYGIEup3PS8yoWMmlk4WrVQDXTSEoxT3dUlLwHDRhh5dzIPFPWu3SWCv06fLnLZLG0N%2BWOggdlMI4agw54sXVLvW2d1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b32b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324223

GET
H3 200 sephora.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 23 KB
24 KB 710ms
706ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/sephora.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3be68092e713a8347ac772538be77452ad3fdd25f1145edb7ccf48ccd890be

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-5c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY%2BZVdeGk8r8CXUE%2FH46afEWj4%2BbOeY7h7kzJgFY%2FsIV0p0jGRgSR4AVrgemzarmohOg%2FYOr7hUJsCzS4HOjukn%2BBZv4AramXMwxVlIf4BtBEmJklyY9qv%2FtvvboKQXxb1nHc1nVJJhz2s3wimwv0tuvUnhwiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b33b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23601

GET
H3 200 downy.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 87 KB
88 KB 160ms
156ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/downy.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbfad48a108f539f969b93f459c5984d4b9f111bae46f4018b2267108e8ae58

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-15c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtpdrtWzKh4AQE3vl2P5pNRP76wLFk%2BChxQimH2gEdk7vOHj08R9sgcJ%2BFS9E%2FK%2BwG%2BT5%2Fu%2BXdWEJxRLbeA9I%2FJAuoWGPabrkYwD%2B3q0nGQJ6S7dNxLXJWUTrYbOt2zY%2BP8W3jQOvyxrxVchPDMBJy3dv9f68Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b34b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89237

GET
H3 200 esteelauder.png
canary-assets.freesamplesforusa.com/images/dynamic-ads/ 26 KB
27 KB 729ms
725ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canary-assets.freesamplesforusa.com/images/dynamic-ads/esteelauder.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d024229b74abff5260d3593df9e9b2bcc8785a5e93425fa0d0efb084357995e7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:42:10 GMT
server: cloudflare
etag: "6304bd12-69d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xMwwC5kHlluH%2FCTyTblLfN8M17bU9zxjEYEU43ewPLn0rZ6m9SxW2yOlGvLRNm6viq5x2Efz1pS1Q1gkiEH4CkhmiB8yABRepI0n97%2FrBjp19MKJCkEcIw9EoknL4YrV5bsWlVE8Y4q2o%2BKDL5XTDzaiozbgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74024d173b37b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27096

GET
H2 200 noscript.gif
create.leadid.com/ 43 B
641 B 144ms
140ms Image
image/gif 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://create.leadid.com/noscript.gif?lac=262f10e5-92f1-5de1-e89d-f5f47859f22e&lck=262f10e5-feed-beef-cafe-f5f47859f22e&snippet_version=2

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: none
last-modified: Thu, 25 Aug 2022 06:34:18 GMT
server: nginx
etag: 617D9780-2664-02FE-3A67-1B469828D59E
access-control-max-age: 1728000
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/ Frame 5F30 0
159 B 268ms
265ms XHR
text/plain 52.21.229.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.229.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-229-184.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 06:34:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 Snap Show response
create.leadid.com/2.11.11/ 0
622 B 1089ms
546ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/Snap?msn=4&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838884

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.11/ 0
622 B 1055ms
548ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/Snap?msn=5&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838885

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.11/ 0
621 B 502ms
275ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/InitFormData?msn=6&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838886

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:18 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events
api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/ 0
159 B 139ms
138ms Ping
text/plain 52.21.229.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.229.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-229-184.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 06:34:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H2 200 Snap Show response
create.leadid.com/2.11.11/ 0
621 B 767ms
547ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/Snap?msn=7&pid=7f908efd-522b-4708-af5b-92224c4f898c&token=F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41&_=360838887

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://freesamplesforusa.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Aug 2022 06:34:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ptmd
dts.gnvwe.com/ 70 B
131 B 139ms
138ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.gnvwe.com/ptmd?t=1661409256957243651574908_N4IgpgHiBcIAwgDQgM4GMD2MQEYBseOALHAJwBMArHgPp6XkmMDMzRzlSqmAZjDsnQYALtnyESFanQZN2bDjUpoAhniIATAOxweG0gA4NOLT2Zr6YDWFM8cKuGS5DhfaAO4iNYgsTJVaekY4FgVKGgM8ODA0NDwDAxU7egAjSjAVYjQiFVNyNRiUomdMYQ03DzAAaxVsOwMigxw4AFoWHhacHCsWlIc8FrQNAzgmxJUOUi5qlP5kNAA3FGxgAB0QABsMVQ2aFGEMACcVAHMwdeh1+sbmtvYOrp6+uAGhkbGVCcpSdcR1lDAKBQAEsMAA7PYHY5nC5XHANIhNVrtTrdDS9fqDYajeGfSa-daYDBVYFgGgaFTCFSwkDXRG3FGPdHPV7Yj5fH4gAC+XB4tWgAG1mFpKEitAZqIhmgZEHBZfK5YqFcqlYqALrIPnLaB4ZAACz1MAFlC0iFFGtpFWQAFdrTAiPhNQtsNMVBsjRaMgAHI24CUAOmIWn95BwzH97BAFuBzug5EEVOE1u1AvIzEQVClMpwpAtAC9+R4vSdsM7kCdDbBxH4pHhSCaWPQcCaiKRRlwltg8P64BHSFNkG6YIxNWgYJ1kGBhMCfBJ-NRnMIS9A5agqrOawEZMFQuxOJPgT6qwGgyGwxHmB2wIdsF7DhhvJPrYWbTOV5OFu7BRavZ3BfAAAJyDgHByAAnAo0EDZ9g3SQAnrS9kA2K0QDQZNhBoYFvFga0Ng2KpHxABZgUw7CQEoFR6yoDgWk+VQWiINBiFoiVKBaZQwDAPlyBScg8DAcguBOMd3F8ODRVILRTRAABHMA5lpN9mC5IA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:19 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

POST
H2 204 events Show response
api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/ Frame 5F30 0
159 B 139ms
138ms XHR
text/plain 52.21.229.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/32dc701858d3dd5b37658ff6a4bbd7dc3d599675/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.229.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-229-184.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 06:34:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 ptmd
dts.gnvwe.com/ 70 B
131 B 138ms
138ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.gnvwe.com/ptmd?t=1661409256957243651574908_N4IglgbiBcAsA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUidAFo-gGyf6wAMhAEwBWToWEB2QbADMnYfkmxCfABwhEEHNBCcAdHz3LCGkGgA2MaYgBmAYxgBaaiACmKMB268BIzqdQGaD5EJABrLx5+IVEAfXlpPmkZGVlhU1cwGg5VYT1eCT1BfBkjGVMIVwAnRhoqgHsAEwzMSmgXTE9gxFcIS2hcUhAaLTwhpHNUSJ8YsWFyxHMbKkQ7bBRYsGadTHNzMObNME3tkGE0cREZYUc0NDs0R1g7Xlvcm+E7V1cbNEEAI0EnFcglMdAc7W80SBAgkEkQAEdXCsQDYurAAL5AA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://freesamplesforusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:34:21 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
imwhtrck.com/	1970-01-20 05:30:16	Name: XSRF-TOKEN Value: eyJpdiI6IkVyT0RmUkNIS1kxczVxK0V0aWlvUVE9PSIsInZhbHVlIjoiTFh1QU1VcjJqTWQ4K1JNNWswMThZK0txUHMrdG43K3UvOHFib3A4WDg3Y2x1ZUt0bEVqdUN1MUdsWHZOQkllT2E5S2lZMlZNZHZwRUwwUXZzWmJ5Tk5ZVmJQWmQxZm9VdkFteCtwVjNtUzNEY1BzRmlHYXQ2cGxXTHZzUDVocm0iLCJtYWMiOiJiNzc3OWVhMDhlMzViNzQwMTE2NTIwNDVmYTk1YzE3ZWZjMjQ2M2IzMDVhZTQ4NDQxZjNlNjRiMmY2MjAzYTQzIn0%3D
imwhtrck.com/	1970-01-20 05:30:16	Name: leadgen_session Value: eyJpdiI6Im12cHBDeGJyUW0wZzU3YlQzRmovZ1E9PSIsInZhbHVlIjoiL3VQcVFQK2RLQzZpVDRsaHVOMkl3Y0xweDdwU0loa042SUk2b2kwT3kxclNQd05RSVhGVFBJNUxPdVdvVEdmSEE5V2o5OW1xeVJCWjFGM2sybEwrdG5pVVIvTXNnMGpRYnV6UjMxT2VCZ3JoOGZ1UmMwWUJKVURKSlFJaUFrR3giLCJtYWMiOiI2YWE4N2Y3ZmRlMTViZjgwZTRhMjlkNzczYjU4ODFiNWM4NzNmODI0MzkxZmNlMjBiMGY4YmNiZWVmZThhM2Q5In0%3D
.freesamplesforusa.com/	1970-01-20 14:15:45	Name: leadgenuid Value: 0334409a-5825-47c2-9901-d2ae3f0f73d9
.freesamplesforusa.com/	1970-01-20 14:15:45	Name: usercookie Value: 5a952535-aaca-4c14-a855-5ceefa2b26e2
.freesamplesforusa.com/	1970-01-20 14:15:45	Name: leadgennewcookie Value: eyJpdiI6IklveTJXZ3NWc2ErcjBhSmNmOGF2TlE9PSIsInZhbHVlIjoiRSt4bDdVVUdVSlRtNmZCdzg2MUdHS25RR3FadnJlemhEM3EvMThXTThpb2lJMmdydzdBY2ZZY0h6Z2lsNFVEaCIsIm1hYyI6IjVkNWI4OTc3NTE1NDk0M2MzMWMzM2UwZDhhMjk3N2I5N2ExOGFkNTJlMDczNDFjODY1NTM3MzYzNTMyZTNlMTUifQ%3D%3D
freesamplesforusa.com/	1970-01-20 05:32:33	Name: nginxcanarycookie Value: always
.gls.cap-cloud.co/	1970-01-20 14:15:45	Name: globalid Value: 4f2fd65e-9f1b-4c12-9ae0-60d1f6bd5f4e
.freesamplesforusa.com/	1970-01-20 07:39:45	Name: _gcl_au Value: 1.1.1691099468.1661409257
.freesamplesforusa.com/	1970-01-20 15:06:09	Name: bfp_sn_rf_5ca64d70fd98d17f3a665ede7ff1a009 Value: Direct
.freesamplesforusa.com/	1970-01-20 15:06:09	Name: bfp_sn_rt_5ca64d70fd98d17f3a665ede7ff1a009 Value: 1661409256960
.freesamplesforusa.com/	1970-01-20 05:30:11	Name: bfp_sn_pl Value: 1661409256\|1_652402433435
freesamplesforusa.com/	1970-01-20 05:30:10	Name: leadid_token-262F10E5-92F1-5DE1-E89D-F5F47859F22E-D12CBC34-F803-D620-FC88-5126B38F6541 Value: F4B0D3EA-DC03-E8E2-79D2-A3F45ED5FF41
.freesamplesforusa.com/	1970-01-20 05:31:35	Name: _gid Value: GA1.2.681194947.1661409257
.freesamplesforusa.com/	1970-01-20 05:30:09	Name: _gat_UA-234660794-1 Value: 1
.pxlgnvwe-a.akamaihd.net/	1970-01-20 05:30:11	Name: bfp_sn Value: 1661409256_652402433435
.pxlgnvwe-a.akamaihd.net/	1970-01-20 05:30:11	Name: bfp_sn_t_5ca64d70fd98d17f3a665ede7ff1a009 Value: 1661409256_652402433435_5ca64d70fd98d17f3a665ede7ff1a009
.pxlgnvwe-a.akamaihd.net/	1970-01-20 05:30:11	Name: bfp_sn_td_860ecc688af165b5ea14c4a7f2a6ecb4 Value: 1661409256_652402433435_860ecc688af165b5ea14c4a7f2a6ecb4
.freesamplesforusa.com/	1970-01-20 15:06:09	Name: _ga_5YNGWE96D1 Value: GS1.1.1661409257.1.0.1661409257.0.0.0
.freesamplesforusa.com/	1970-01-20 15:06:09	Name: _ga Value: GA1.1.598540755.1661409257
.freesamplesforusa.com/	1970-01-20 15:06:09	Name: bafp Value: f17a5820-243f-11ed-bdb6-0337200efbbf
.pxlgnvwe-a.akamaihd.net/	1970-01-20 15:06:09	Name: bafp_t Value: f18b4810-243f-11ed-ba06-cd80818aa359
.deviceid.trueleadid.com/	1970-01-20 15:06:09	Name: uuid Value: fcd54cc2ea844bc19f2a8ffcc4152c6f
freesamplesforusa.com/	1970-01-20 05:30:16	Name: XSRF-TOKEN Value: eyJpdiI6Im52M0R3aXF0dnBTMHhXT0FiNVRuWmc9PSIsInZhbHVlIjoiOU4vUGRoMU02OWNidExDRDhuZkdldXQ3LzBBSWNRdGhzVERUK1R2UVNFTFV3YlJYblB1YUNSL1B4ZHhJbzY4eVV3bVhIbmdpNUp4cnY2SUJSUVdJOXZBUkFFa3dCM21JVStqVWFONUNtWnlqVmI4bERVcUlVS015M2ZsaWE4OC8iLCJtYWMiOiIyOTQ2MWYwZWMzNzY2MzYyMDYyMDY4Nzc2NWY1OGNiYjgwNWIwMzVlOWQ3MDQ1YWI1NDk4MjBkMWUzYWY1NWNiIn0%3D
freesamplesforusa.com/	1970-01-20 05:30:16	Name: leadgen_session Value: eyJpdiI6Iko4eE5ScjN1UFRXMGcxQUIyWjRpSUE9PSIsInZhbHVlIjoiK0hRanVHQm84bitXeHZORDRYQVNzeTBOcERFcEVPazZsYzdXVU9ERVYyS21HZVJvZ3YzRmFUM1VsazBTR3pRUXhNQmlQMUNscjZxOVFrcU42VGY5bnp0cjB5WlVBUC9TMlNHSE1sUUpBVmIzT0EzdWM1cU4vc29UZFV6MDQ0QU0iLCJtYWMiOiIxYmJmZjgxNDEzOTQ4ZjgwNTA1MjViMmViMGFhZjZiYmJkNTQyYWJiZGEwOTE3ZDcxYTg4MzkwZjUyODRlMzU0In0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pxlgnvwe-a.akamaihd.net/javascripts/browserfp.min.js?templateId=24(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
api.trustedform.com
bam.nr-data.net
canary-assets.freesamplesforusa.com
cdn.trustedform.com
cmtdo.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
dts.gnvwe.com
dts6.gnvwe.com
fonts.googleapis.com
fonts.gstatic.com
freesamplesforusa.com
gls.cap-cloud.co
imwhtrck.com
js-agent.newrelic.com
pxlgnvwe-a.akamaihd.net
s.yimg.com
script.anura.io
www.google-analytics.com
www.googletagmanager.com
138.197.231.234
142.250.185.110
142.250.185.234
142.250.186.99
151.101.130.137
162.247.241.14
172.217.16.200
172.67.41.229
18.66.139.86
188.114.97.3
23.23.142.3
23.48.23.35
34.111.96.116
35.177.202.29
52.21.229.184
52.222.206.97
52.222.214.104
54.172.138.183
87.248.119.252
014cd52a32688c03283862bce0847e3178fba7ba4161a413afee343b245f1114
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1454d94422094de6024289d48a780af176773df756835678a7adf39c2f1c17e5
1f3bb2e889c6bab01d904eddc82b0a5913d60e6750419b026c6aafb1314e9ea0
1fe042b43127ca6ed2fbd91cd4d0c7deeceab41bf1268ea7d49d6b0509284ba2
2331cb936c09f333c1ee32d20ee14dacf20bc100a27728819152e9fa581ff6cf
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2d225521e3b8da8c5889a6c163ed81813225a71593a6544b05e7755873d7178a
2f4c61b8a3090d86cf089478032e6213bea6aeaec5c35b22deadfc383f71e70f
2fdf0cd54b5066c0bdbde4e4691d70581c12d5736d737434ff497de5f5b55f74
3b3be68092e713a8347ac772538be77452ad3fdd25f1145edb7ccf48ccd890be
43a8671a5f897d1593aa709ddc246723cf20cc7a863cfb02020f55edca6a2e9a
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4b4ae9e215938755932c46914cd18ab60dc5de29ad97f76fd4f224f678e507cd
4b77d1802a959e3dbc743116cfed1f8c08ee1a6e276f9902b15803de9589cc5d
4fcb264a1e720e563c99d094b1ed8a59b0f9fc7c944feaac84909bbb0ff288b2
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
54be7235ebc9fae405d472d16c672a31777963f3004271c7721b28773ae715ff
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1
67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7280aa126dc7f58a2f993528ecf6e192606272fc79aa799b3ef935c94afdbf61
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
7bbde71e5f3d9e7fbcaccebabcd5064f0de17fd4cb5a3a79dee5db1278d6ac91
7de054acc6027c209ce78c288cceb2aca0eb11b5ceae9ac76d167cbded6f5770
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
82c0ba8a37670f63e3da3e4fed7feb7fcc9ceb8fbb5ace093c6c07677f792cda
8391e743111b929489427646dc7cfe9d01d9ac858f6a6a1c7855017474147c06
92dc0fa646e3f748d1bed0adf2b1ecebc85555915159ee800c0d436376a4898b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94350a94560d49560348e99b1dadb19d92803cde005c940ce27c659671256b91
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9d0df5dce1e80da671585b69131410cad07a404795cd02cb5b7f2fca3beb0e6c
9fd717ddcad2e1e7593b1702923e056b81d5a3d8693425400ab50da7ca2acc4b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1dee938e57b4565d350be284bdc68e46649245e51eb8ea5ab431acc2034e913
a207f540553ccb7f29ff60da4d6e5cea22dcbbaa88c22bb2b222b7bc51f519f8
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aeee6196a221d1735061129151b360782d9788fe0f5b05ab6dec270f24e272f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c15921a53da4b7dfd9faa47b637d3a507b25457e8f50b0bb98167ff0e6e6dbd9
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
d024229b74abff5260d3593df9e9b2bcc8785a5e93425fa0d0efb084357995e7
d53f6f78b6059f1ae0944ba7c73e55bff8d45bfe72b40d8c32be21e5d9696aee
d65c0238b1b2ad29e66f8f2cf0b138814734f7f1b9d65409b9d788653da47d2d
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbbfad48a108f539f969b93f459c5984d4b9f111bae46f4018b2267108e8ae58
dd3783a410137f4334a7f6c8b688737c65e2044bc58ac6dc170f2a78c3cd31e4
e2337afc281aacc683f841eeeb2a5d4714e78f00a7d1ef571cae6b2d0a10c941
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f0e422a17f5f9c51b2e507dbde6a92c9ac26c3f4f6d3e02cc046ddced7410c41
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f640570f6221c3cd04bb2b18304f75b335f0f3bf0e307c4f15134098b8860518

freesamplesforusa.com Open in urlscan Pro 138.197.231.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

0 %IPv6

19 Domains

23 Subdomains

20 IPs

4 Countries

4190 kBTransfer

5527 kBSize

24 Cookies

2 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freesamplesforusa.com Open in urlscan Pro
138.197.231.234 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

20
IPs

4
Countries

4190 kB
Transfer

5527 kB
Size

24
Cookies

94 HTTP transactions
1 data transactions