app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
143.204.55.128200 OK 107 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
IP 143.204.55.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3561)
Size 107 kB (106854 bytes)
Hash 8da3eb7d7f5cb2d7d22c8a8a0b48a049
f5db40a1006d64d4e5de1f46844abbbaf9323258
3ef4d2f7b9063c84f2b044943948c05a1107f1da411b27cfe826c6644c69dfb9
GET /cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339 HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:23 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pqo8a989jp4PckK0astEP_dNB3rL84WSGnRIhYjm9lXcq57mGP33Tw==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3697
Expires: Wed, 23 Nov 2022 11:39:00 GMT
Date: Wed, 23 Nov 2022 10:37:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4461
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:23 GMT
Last-Modified: Wed, 23 Nov 2022 09:23:02 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9334
Expires: Wed, 23 Nov 2022 13:12:57 GMT
Date: Wed, 23 Nov 2022 10:37:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 10:17:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1216
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yK8kBr35gzFRwf7LZhsPjX6MceUaWy5sF8a3YcmUAVTLY45Tmu2iGG8vHUkR/bJ/ci+A7eqVZYE=
x-amz-request-id: XXK9EKJ0PX6YAH6H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 09:42:56 GMT
age: 3267
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:37:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/css/main.css
143.204.55.128200 OK 1.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/main.css
IP 143.204.55.128:0
Hash a8a5a5551c3f897371ed1f53aab51eea
bbe28ff17bbe17a1dc66ac8dd733ea4cdf14a6fa
bff14986f12c8762b89b842bac1c68a93adcd2d9cff43f5004f214c880adfbd3
GET /cp/_assets/css/main.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-14fd"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ky5WxtUjUp-x0Nocf98HiQ266gtPi-vwdtS7-5j4Y7axp_lPpp7Paw==
Age: 68474
app.rewardflux.com/cp/_assets/css/style.css
143.204.55.128200 OK 3.8 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/style.css
IP 143.204.55.128:0
Hash 37be10e425eceb7852dd2b3bcbcab248
a423820f6a2c2084c18d9562c16fabda63054794
3271683f287baac2e7cbe3263125fbfe410bebff7c2db2530dd958334e6e055e
GET /cp/_assets/css/style.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-3f02"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CO0eUzC3wXqwqyexXJNO1wyS7sqXkidV6biIjur58KAcD3lRJ-CWuA==
Age: 68474
app.rewardflux.com/cp/_assets/css/site-console.css
143.204.55.128200 OK 484 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/site-console.css
IP 143.204.55.128:0
Hash 6f3a3804acf36e3741c562be4dd35eb8
8c3403c5c9c990e1b86191fc9be6c8703ccd1830
00caaa3bd383b48779304f28e5019951429fb3144128daf542e7df53f1cd547d
GET /cp/_assets/css/site-console.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-55d"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0R2rZK9Vx4bxPuD6MAsVXz1r0lIvZJB2HZMqz8bQzAXVjsFG52M0zQ==
Age: 68474
app.rewardflux.com/cp/_assets/css/form.css
143.204.55.128200 OK 1.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/form.css
IP 143.204.55.128:0
Hash 096ad918fa21a9ca760766bac2161eb4
fbce63b634f7be89e96d7fc88d45affdacae744e
cb61749a29b15d0563f72b56520f24c4488d007fd1938cdc8a200188717e992e
GET /cp/_assets/css/form.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-2b30"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ncAzkj0fzoXFtE7dE0li-_bSHcKJ1pwC56fpiI13IxqF0Wxh7xg8KA==
Age: 68474
app.rewardflux.com/cp/_assets/css/fonts.css
143.204.55.128200 OK 619 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/fonts.css
IP 143.204.55.128:0
File type ASCII text, with very long lines (661)
Hash c26a184ceb57a57343aaa7e3eb88a779
87153ee62cb093ef785186792bfb18d5c40dfd4e
85eb43a172bbddaeb2d5b6de630c16044f2314febb1f4261bec3806588718690
GET /cp/_assets/css/fonts.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-12c5"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b_xOHvrOkD29cUrklxFF9QIkIBA45YspZzT5XlHDH_TxXKejXGSBZQ==
Age: 68474
app.rewardflux.com/cp/_assets/css/animate.css
143.204.55.128200 OK 963 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/animate.css
IP 143.204.55.128:0
Hash 2c587ab199b840bc32de9e127f95db63
c916ca7ee5db7607e548990114036026ce536b37
7730ce43b64a5a060c075437da34bebbfe9ecd67dcee0b5ab5a5e468cc9dd13c
GET /cp/_assets/css/animate.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-1ab5"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qPKCdZVBbWSWI4bzAFBrwka3tLmaK4jPL_OZ4XLYuNLr4nAv-klv_A==
Age: 68474
app.rewardflux.com/cp/_assets/css/modal.css
143.204.55.128200 OK 882 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/modal.css
IP 143.204.55.128:0
Hash 2d3971299b4211890eecbc4a384d42b0
01e9251d22b64d5f465338ceb8aca8ee73aa82cd
117ec6d72ca22980951e5535c431af21c8c130270f5fbe526165668005448775
GET /cp/_assets/css/modal.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-9b7"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0IFPRtKHpDoGobWFbSfgqvluv9WmWa0MefSIUqqEFJPPiMsJ9z24Xw==
Age: 68473
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
104.17.24.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (62252)
Hash 7795b48dff9afc7a54abdd114789a925
f47eddf891b23473693724bcdc3f2e71e67ac72c
88c37a281c166b5962acc2ac30a2a8c46ea1e5474a45ddec9e4495e253a48c58
GET /ajax/libs/gsap/3.6.1/gsap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 22334
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "605c4223-f455"
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3004976
expires: Mon, 13 Nov 2023 10:37:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOdOKGS5csGOdHs5NLpMzL7fJfzFLdb%2BJsXBg9zkmkpOIZkmIVv4LYWqF5kqPFHzVzq2Xiqroi9SujuJDjSaGSvLwu8uYswpn%2F1D5xJ53eqgy2rQcCYWCHmdy%2BkzRTkuQaPzjBsh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e944ef2bd00b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/js/responsive.js
143.204.55.128200 OK 454 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/responsive.js
IP 143.204.55.128:0
Hash 7a065c83bbffdfcf73ca7e36f0388498
bf1ae261c3826981ae8f4a9dd31fdf632b44b60d
09210cfc575bc762a1f685cd7db2d5369d619d82b78b1fd6ceb2c7159c6725b4
GET /cp/_assets/js/responsive.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-610"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eSIqLwQYNFNgqm8l-wu_3mw2WA_YLVZVJKBW8C1TXble3afWuwHoeQ==
Age: 68473
app.rewardflux.com/cp/_assets/js/jquery.min.js
143.204.55.128200 OK 34 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/jquery.min.js
IP 143.204.55.128:0
File type ASCII text, with very long lines (1963)
Hash 0b098e5d2dcaf34aa0b4dac1c3fc870a
5160fef043df2867a83ca0287e0354329bd9cb98
14b2d4cb1f6f09e54d7ebf71830ec6240fc3f4841ad92b336d7a1b4d1f6b4aed
GET /cp/_assets/js/jquery.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-1b9fc"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ItuIdBR_EmylCDsTE4I_fbq0LOP5FOq02AMb2pSIl99BDLJtC5R7Xw==
Age: 68474
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 10:37:23 GMT
age: 18001999
x-served-by: cache-fra19136-FRA, cache-bma1627-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 1753c16688d0d51f0b3dc7ed7d4dbc4d
6a4842b3dc99394c6584c203175570ff8737c777
a61044d56003744699349a1ffbd6f85e0c62d4ac59b50d185363dd85d755b5c9
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 10:37:23 GMT
age: 7569376
x-served-by: cache-fra19170-FRA, cache-bma1627-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/js/bootstrap.min.js
143.204.55.128200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/bootstrap.min.js
IP 143.204.55.128:0
File type ASCII text, with very long lines (1289)
Hash c025c3a595d1f265ac9a16b9a1de9967
f3e9b34949a17bbed8b090daa59c2256129cc0ab
bad19e57eabe16f555e5fcca5e4db658237aba1ecf98c2a9e7aa3b817df7da91
GET /cp/_assets/js/bootstrap.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: W/"637cc92a-f2fc"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wEhFhlzTAOz3dVBm8WrmtrL7RJoqjdfWHZ1Hs6P_-SxtmSu_U49xSA==
Age: 68474
app.rewardflux.com/cp/iga/au/css/campaign.css
143.204.55.128200 OK 441 B URL HTTP/1.1 app.rewardflux.com/cp/iga/au/css/campaign.css
IP 143.204.55.128:0
Hash 95718ccc3aba1a0e5c9ebae52f387d97
1fd956064cb6cc3dcba3796916d1e5cc8f117408
505144afe05c3a2cdbc15d2311fba848c74e22b99cebae937109fcda588c5208
GET /cp/iga/au/css/campaign.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:23 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: W/"637dc9bc-508"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1BZEMaePV-TSQweSVbiZsBI8PD25OkKdV-Gssycm_AIPmBVCI3k9yA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ba3745f356d5e37f035e89023a6f035
65516a3d1c52c38132744c24b0ab46f68eb84c59
c82f1f1732fd34c0a73ccc71b9f80098885dff3c54448fb2d3479bd837596efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:23 GMT
Last-Modified: Wed, 23 Nov 2022 08:52:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
app.rewardflux.com/cp/iga/au/js/teaser.js
143.204.55.128200 OK 1.6 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/js/teaser.js
IP 143.204.55.128:0
Hash d3a6690594777f29a60ef9f1afcffed4
e8a31cf43df0c1d5453f3e58d2b2a84145aa1080
d5d4a01d5aa2917ca5dfdeffdfd403e7696c4655cc6cac414369a74161e6f5b7
GET /cp/iga/au/js/teaser.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:23 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: W/"637dc9bc-1c49"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aCk6cL13Us4zql3RDdJ8UlbTuDb_3MGWOlm882sZihw9yuuxpyd3HA==
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ad60897e149f308b98f935dde0fee5ad
99a41856983b57f3c1065d5848309c51bb9acefd
dcca1e5b84e06d345dcc3f713b2c03b33daff6ec2fd906a1cfb6b6eeaf534e79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5894
Cache-Control: max-age=97665
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:23 GMT
Etag: "637cbb5e-118"
Expires: Thu, 24 Nov 2022 13:45:08 GMT
Last-Modified: Tue, 22 Nov 2022 12:06:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5ce1e4554310d961e47b3f113f2b35f9
2a614bc60d6e29c00696cd78e7be752f2900acb1
b82ccd93513d3c6d36e2f1f41ff56d90d79c1c4628633137925d6114c9e4f52d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:37:23 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "45D62751EB8C99050148DBA50C8A82B8170ECCEF"
Expires: Wed, 23 Nov 2022 21:00:00 GMT
Last-Modified: Wed, 23 Nov 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2316
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e944f01b6e1bfe-OSL
use.fontawesome.com/1744f3f671.js
172.64.132.15200 OK 3.8 kB URL HTTP/2 use.fontawesome.com/1744f3f671.js
IP 172.64.132.15:0
File type Unicode text, UTF-8 text, with very long lines (9239)
Hash 7fb348b2a9a49d8e35004b94f8f2a9f8
6c7b9c39ce15ebe5c143e75bfaad74fcee555ab3
62bdc5512699f7b2cfcdec207da02a6e470bfabf8d22c61a04b13d4b0df427f4
GET /1744f3f671.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:23 GMT
content-type: text/javascript
x-amz-id-2: EnyBIaHzZh0xcLR2mx1fPJBsTV30am9VexqHbosXntXik5pMV4p3rFT/WNNj9PdsQ20rDgz7gOo=
x-amz-request-id: JRB96JAZTZA1CNYM
last-modified: Wed, 30 Jun 2021 17:02:42 GMT
etag: W/"8be700ece8699a7c3f7a870ee2840cdf"
cache-control: max-age=1800
cf-cache-status: HIT
age: 2877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d641JxVXowVQ3YRz5mdWnOQOP6xAOxbfffzjoum7sUe4PtpPKzJNPeG%2Fh3%2BZgPJw0neer1gQvlPhQe42NAh%2FVwE7JXJoE3z6R7TjD67EIhUeAXBJWhYHvGxfxVewLSQmLbVZDFog"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e944f03f23885f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a243f8c9cfb294b6dc819082d3202809
59738547a24e9e849a29e096ed8def5e8d605829
66be4a4ddc87e888472469b71f8e73c9163e86227996fa6b8dce263fb92d682f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66BE4A4DDC87E888472469B71F8E73C9163E86227996FA6B8DCE263FB92D682F"
Last-Modified: Tue, 22 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Wed, 23 Nov 2022 16:37:22 GMT
Date: Wed, 23 Nov 2022 10:37:24 GMT
Connection: keep-alive
content2020.qubiqlabs.com/cp/_assets/css/footer.css
34.78.252.25200 OK 1.7 kB URL HTTP/1.1 content2020.qubiqlabs.com/cp/_assets/css/footer.css
IP 34.78.252.25:0
Hash b8c24be466dd044ddc136be9e2ea477e
d05d66fee34a02d193d045ce48493b438d16a271
998ed2817e3c070e9f2d53a3cdaed41f6d12f3101ac63d6d6a561edb075bc52c
GET /cp/_assets/css/footer.css HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Content-Type: text/css
Content-Length: 1652
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 07:20:03 GMT
ETag: "637dc9a3-674"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
143.204.55.128200 OK 6.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash c5f1eb33bad623fd8b7ee96b6de47b28
f48d3461497fa58e10a5d332a1095aacefd41f0b
d318baa8e1c9b13869a85f162d197b5fa81254b3abafc1f5b9de9a936989d856
GET /cp/_assets/images/icons/lineal_color/present.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6180
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-1824"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1EQL_fEG49o2D_sN4Kw4GVSB3J-ZGkd6YcYU0sW_QmtCRRD8wfcSZg==
Age: 68475
app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
143.204.55.128200 OK 14 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 159d0ef8b0ddc4de86a5b16855c98af2
797b5bb7a7b50325b4e3750092e846f57b9d65c1
b154a78ad913021f5ea01c1060fe0c7469fd50d2e71f4ba71d4d6ac551e11420
GET /cp/_assets/images/icons/lineal_color/binoculars.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14322
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-37f2"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o26ZdSGg0OpDvxeLDLDP1vrERQvIpC4Bbujbq_aNBgLXk4SQb5SYFg==
Age: 68475
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4cdb3082800152bcc35105de17d8bbce
772a8850b8eb24bfdf577e78d572139e26835a44
c92208735eb7e96bbf0235a105f29491c128ca3d6301bf48cdfa5bd41f2a08a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160885
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:23 GMT
Etag: "637dc958-2d7"
Expires: Fri, 25 Nov 2022 07:18:48 GMT
Last-Modified: Wed, 23 Nov 2022 07:18:48 GMT
Server: nginx
Content-Length: 727
app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
143.204.55.128200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 3f57a6c594d57090575ee1715e04617e
7b1fab765e1fc3b499d1b786d7b85fe215adfe16
fceaeb0915f0c970b08a93487a701f78076b4c6deaa27c8b99670b04a9096826
GET /cp/_assets/images/testimonials/comment1.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1251
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 21:50:48 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-4e3"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vQvy-oVRt0wWEq3ugWZAiRtYdYYeNFYDK9XKWjUyXw4yE6gyFXNMQA==
Age: 45996
app.rewardflux.com/cp/_assets/images/elements/booking.png
143.204.55.128200 OK 8.0 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/booking.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 4502c30e56e441c011fbd0788a868ff4
8076a3085ca30896c2290772cbdcc0cf2fd06125
0fc0a1c7bf5c0cbf5048e1dd45a4881a92a72779cd8ed3e683f2db68ef927796
GET /cp/_assets/images/elements/booking.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7976
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-1f28"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HeHviFoZ_lnC6TarTCY6iL0Vkjt6sVdZOZ2CuPj5J1KIw4vidT-KNg==
Age: 55866
app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
143.204.55.128200 OK 1.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 515009e55a18fe50cd5cb2ad7d8fb3ce
dd8880315921ddde67f3a6b71b2d79ca0b5d381b
5fa8c8913d8307f7915d65ab2c938e17ad965658e6670dab465979cbe2fc5242
GET /cp/_assets/images/testimonials/guy4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1489
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 21:50:48 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-5d1"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BpKbOfyQVIKGksNGsCg01tra8jfdgrdJOo6-duay3D5EflRS6OeXkg==
Age: 45996
app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
143.204.55.128200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 229ba22fce63f085ca59b85d31b6eb62
28e302207b79917a9e1485516919bcb0236f978c
ffe3aeb0ccb1431f7f14f40b47ef100e805f59a78e482227b69629f8ab54f41e
GET /cp/_assets/images/testimonials/comment4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1200
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 21:50:47 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-4b0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7KiYCDRDH59YLWcpRsdIMDTD68bIjifWDAGKK_y9KLh9K9Ha0RObwA==
Age: 45997
app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
143.204.55.128200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 4bc4bb8a43aea3578af4a4cffc1ea983
276c96f4d6d1bdf03381d33c92323ca71e795aae
490adcb33271e416d05908764cad72e1f8b6571d0d8b77998633e675c975e344
GET /cp/_assets/images/testimonials/comment8.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 21:50:49 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-488"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JLVNX7Def1mkvdHvnBX8rO6zngi_lkwfuFpdqXldxBZXjJHpisc9vA==
Age: 45995
app.rewardflux.com/cp/iga/au/images/header-wap_rw.png
143.204.55.128200 OK 5.8 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/header-wap_rw.png
IP 143.204.55.128:0
File type PNG image data, 760 x 123, 8-bit colormap, non-interlaced\012- data
Hash 3fff92515a3c13e57a14a3f05b1343b6
e9496a040bb801d4bb0c0599c3747e312689b545
80b85859cef81907a5bdd59327a52cd6c30a16d8b671bbee9be32b59208c32a1
GET /cp/iga/au/images/header-wap_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5838
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: "637dc9bc-16ce"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bl0UoaWMcLme2NqDXF2QEefGaclCXGAFDGWBhkALStpq6lrpNsh2DA==
uk.earnyourswag.com/media/y3ipgjsc/checked.svg
51.104.28.72200 OK 1.2 kB URL HTTP/1.1 uk.earnyourswag.com/media/y3ipgjsc/checked.svg
IP 51.104.28.72:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4190ac1189db82bcbe4eddaa6a7908d7
be00ad6f13a8dcb16d7c3447c293b663e0c986dd
2cf7d25f0e20d80e39ccc8f2d2d4fc80e534583aaa741924921e86511648c27d
GET /media/y3ipgjsc/checked.svg HTTP/1.1
Host: uk.earnyourswag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 1153
Content-Type: image/svg+xml
Date: Wed, 23 Nov 2022 10:37:24 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8b07798e26081"
Last-Modified: Mon, 15 Aug 2022 07:21:12 GMT
Set-Cookie: ARRAffinity=ce191300a22334fcd7df4840ad2810e48c88730820dfca407a77954990f78ec4;Path=/;HttpOnly;Secure;Domain=uk.earnyourswag.com
ARRAffinitySameSite=ce191300a22334fcd7df4840ad2810e48c88730820dfca407a77954990f78ec4;Path=/;HttpOnly;SameSite=None;Secure;Domain=uk.earnyourswag.com
X-Powered-By: ASP.NET
app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
143.204.55.128200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash ec04902380bb6d8066a53112d3e9600a
fbd86dbb22a27018a67e8d8066efa859f955111d
11ed7960dbda7b2e816e66a69cd8983dfdfb8ef1a94e3fdca3017c7f65de4491
GET /cp/_assets/images/testimonials/comment7.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1288
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 21:50:49 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-508"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3mKvSdCNYsU5K3ljr1VQ7baDOT3kmn6iqxk0YBn045wnIyk3X8pflA==
Age: 45995
app.rewardflux.com/cp/iga/au/images/prizemob_rw.png
143.204.55.128200 OK 50 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/prizemob_rw.png
IP 143.204.55.128:0
File type PNG image data, 550 x 201, 8-bit colormap, non-interlaced\012- data
Hash fb83659cca9f828977d4a782d5bfcadb
6321cb6b1b9e112264605813db47d802b39f2505
961dd4cf1fb146f30a89c06f16bd3deaa080f6e2f3ef11985174270051c90cfb
GET /cp/iga/au/images/prizemob_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 50408
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: "637dc9bc-c4e8"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MU148ro45Sti0awgt0bw70Pt0pZCquOeeOEpR7FMADt_jfgt6ZF2Yw==
app.rewardflux.com/cp/iga/au/images/background.jpg
143.204.55.128200 OK 109 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/background.jpg
IP 143.204.55.128:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x878, components 3\012- data
Size 109 kB (108980 bytes)
Hash 19a0bed3161aca3f491b48986fb94a75
3905c3ddfbedee04de98c97c05cde4ab0c8e72a9
b9342c155aa6715fe3dadadaf178d19e74971892b9e39879191e99dcc051ddbb
GET /cp/iga/au/images/background.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/css/campaign.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 108980
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: "637dc9bc-1a9b4"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1LIW4gmRb4d7JMiusQS-vhRD6bOH1_E1RDtWaUsUy5E26_HDqSHYjQ==
app.rewardflux.com/cp/_assets/modals/unsubscribe/en/header.html
143.204.55.128200 OK 30 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/unsubscribe/en/header.html
IP 143.204.55.128:0
File type ASCII text, with no line terminators
Hash 1bbdf3fc2578ff5ff8ceae9e7fcfeedd
1d130818d1f719f874a425f564a77697cdcdec44
680a7c81d2efb11a0e72f611150d24ebd6480bba82d226c7bc48b6b70de58573
GET /cp/_assets/modals/unsubscribe/en/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OJTwPUHbiAY23re5aANAbhKwvl2QKCMbIDJvoGvSVvxto7XHHnAPpQ==
Age: 37227
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
172.64.202.28200 OK 27 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
IP 172.64.202.28:0
File type ASCII text, with very long lines (60130)
Hash 8dc9d61b0837f8e212d580a3271469f7
151e7946d4df2942e125367ecc74c80e1dae2978
a6fa61aa001a53dcbbd640e9517af17be3a6b3942b6600d74eab1e61309d62c4
GET /releases/v5.15.4/css/free.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:24 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 59970c86d3717db509a968eaad0da4de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: gl3pkG559DnsyUDm3sPjgRHFAuZpSjS_EK0CAO5T7nM1FR2EXbhHxA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WS%2B7MB5oWGvafzwxSltSJ1blpsN2k4uJJBILmgTG92ztK9UpLsvZDKDVzgedJHX92EJs1umiIE9uIvmr%2BJblUNGxNjM5NBEazTTuvXfPTXDHQnApepiQnDiR1WdkJklMqYeYc6uJ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e944f21dae72f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/modals/privacy/au/header.html
143.204.55.128200 OK 33 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/privacy/au/header.html
IP 143.204.55.128:0
File type ASCII text, with no line terminators
Hash 18682cfde3f1fec7358aa01d0739ab81
2f613cf374433e50afdd940770d34283f2b2655d
a2f944be95f9120874b7998305072b45c4ffc006014bd402f43a60dea7d0f501
GET /cp/_assets/modals/privacy/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xv8Ftf9jrjlCO9kFE9T1GkDoaXHecCnCL66lWexTmr-FUQglz3TcrQ==
app.rewardflux.com/cp/_assets/modals/unsubscribe/en/index.html
143.204.55.128200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/unsubscribe/en/index.html
IP 143.204.55.128:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 8d8b17624129688171363415d7e6c896
40ea0a90467e6e603379e54f13e418a4f0bcdd6c
2332defa0722eecdae2a7a53fa9f05cc87887804e9245b563aa7cf967fe146b9
GET /cp/_assets/modals/unsubscribe/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iqAA-rXae_qDtclHBJXwUAEzJuP9O6q2F5HdphPRl0isRfbpDIdPRg==
Age: 37227
app.rewardflux.com/cp/_assets/modals/gdpr/en/header.html
143.204.55.128200 OK 36 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/gdpr/en/header.html
IP 143.204.55.128:0
File type ASCII text, with no line terminators
Hash 023a610eaca5723c83c1414dfb355ee8
21ad50fe1404cab1f3b26988b37b09579a54cf63
56c25ec40a57b4949e582a40553828d7c022baaa25b5c7a704ee2f4358dfb5b5
GET /cp/_assets/modals/gdpr/en/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U4DNQ5-sEnJRK88GQhfPTkNiLCq9V134MCD-uf-LvXbp9sR4FXBThQ==
Age: 37227
app.rewardflux.com/cp/_assets/modals/gdpr/en/index.html
143.204.55.128200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/gdpr/en/index.html
IP 143.204.55.128:0
Hash 1285f5fc9939a2919dfbd8bfc0a39944
b84a80a3926fb13d198087d746c2149c78af8ba9
21cae204325b89a623319ee934dd1d6905916f63b2b31b3665413376c7fca6aa
GET /cp/_assets/modals/gdpr/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZG8PIJKSmAhewSEyX1OOvqBi1RSXYBgTd0NPJ49l42yffDDfHDO0Aw==
Age: 37227
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b3c734dfafe2c81af7d8de460b22b75
f542fbfe4c9ea363bc6d3c3cbf4589d4be946785
8fa9ceabc0ec97061e1048cd17446de5a15821229a306427cd694897b77f0ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FA9CEABC0EC97061E1048CD17446DE5A15821229A306427CD694897B77F0FFD"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18552
Expires: Wed, 23 Nov 2022 15:46:36 GMT
Date: Wed, 23 Nov 2022 10:37:24 GMT
Connection: keep-alive
app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/index.html
143.204.55.128200 OK 25 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/index.html
IP 143.204.55.128:0
File type HTML document, Unicode text, UTF-8 text
Hash 5c3e2cad9b071be6cbfdb3c3b6473e1f
2621917517d6ec0ecdea9930d4c6a72f75fe5e2a
baf6925908dad74d0b1aebc61dcaa57ce054e3126edf54a9dd9a6735f17bccab
GET /cp/_assets/modals/terms/reward-terms/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WtfUDclvAqGWaVCkUwVE1DiTY1OEC3MAgY_7f7TUlO-iB_vSgbJVMA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b3c734dfafe2c81af7d8de460b22b75
f542fbfe4c9ea363bc6d3c3cbf4589d4be946785
8fa9ceabc0ec97061e1048cd17446de5a15821229a306427cd694897b77f0ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FA9CEABC0EC97061E1048CD17446DE5A15821229A306427CD694897B77F0FFD"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 23 Nov 2022 15:44:56 GMT
Date: Wed, 23 Nov 2022 10:37:24 GMT
Connection: keep-alive
app.rewardflux.com/cp/_assets/modals/reward-status/en/header.html
143.204.55.128200 OK 91 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-status/en/header.html
IP 143.204.55.128:0
Hash 0b01c85fef5a1fdf88007a496ce12c38
5d403a9ca03d88243e9dccbe5f5b1a41b0b8b452
3500569aeabea9e551a2f99361ce949bb7b8ec0fceae510372d71f4c80063a4c
GET /cp/_assets/modals/reward-status/en/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zkInCZ_HMBlAWfK92i2ZZwTJ0e_-kBk3mpAQExDCoEjHdJTJ1mFt4A==
Age: 37227
app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/header.html
143.204.55.128200 OK 91 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/header.html
IP 143.204.55.128:0
Hash 0b01c85fef5a1fdf88007a496ce12c38
5d403a9ca03d88243e9dccbe5f5b1a41b0b8b452
3500569aeabea9e551a2f99361ce949bb7b8ec0fceae510372d71f4c80063a4c
GET /cp/_assets/modals/terms/reward-terms/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gqetOYu0ofQmlh1fKd5wwnTdcWK5t1_B8nTwhcWnqId6ZpkU0po9bg==
app.rewardflux.com/cp/_assets/modals/reward-status/en/index.html
143.204.55.128200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-status/en/index.html
IP 143.204.55.128:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 15e82b8d80b1fb20d574da1dd863088c
5247c660a33e507f139717f9fdb2e0c535bcf50c
dd9b1eb7be6aa23694536e68771b1b124663f7022ead1eb67f1dbfc0581977e5
GET /cp/_assets/modals/reward-status/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nzmjpjYXGZr6Z4Q33Wtzgd1Z6Tiwxpric4G-QN5A6ZWjMOcO-mHtBg==
Age: 37227
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 10:08:53 GMT
cache-control: public,max-age=3600
age: 1711
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
172.64.202.28200 OK 5.3 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
IP 172.64.202.28:0
File type ASCII text, with very long lines (2774)
Hash 70c21e5def0824eb5e21d6900b8d002f
ddf959e14d6716ed198f994184f083204adc0551
ffb02ee4e1c94e85b90a65b613fb9d3e4a28d3513ffab5cccaa64ad2dca78aa2
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:24 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa96b55d26f4ea74047e87b840fdea7c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: 7EFUA9T2qPjFcvfsY7Hfni1HPazfBAAUgTv0_zBSAHGvJWfMG5wUIA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq2e9lwuW9hr084MHH7U3Prtlc%2FIcKySf%2FsIKs3hr%2FO1zJW4u4oM5jCuU875MnmJktiebfQ5dNZv90LYkRdaInwJE%2BXHoSE4pwHHOx5k%2By7Fd80csWktinVTwmB%2FuOCbYE%2FFTzzAEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e944f21da472f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/modals/reward-requirements/au/header.html
143.204.55.128200 OK 73 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-requirements/au/header.html
IP 143.204.55.128:0
Hash d48992bd25e2329eb522826929daabb7
ec11abd7f219c36467c885a2ad13d03d9cc43ea5
af23d89232bd898ac9bb215eb49f4bedc65ccddff684b8f2b945f0b3d5c98c61
GET /cp/_assets/modals/reward-requirements/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ztTAysiKrrI2_5z14nhv6vpwGbGCgrw74D0RuhRrEFaJu2uo2eW2cQ==
app.rewardflux.com/cp/_assets/modals/reward-options/au/header.html
143.204.55.128200 OK 23 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-options/au/header.html
IP 143.204.55.128:0
File type ASCII text, with no line terminators
Hash cde9442dfee623a6474ad8599e26f708
0fe37907156cf1c34c875c9ba14a597179208652
b1b77078662fbdbc853d957986ea079a4dcbb9987883b8c7eafc5b663278a7fc
GET /cp/_assets/modals/reward-options/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f04OelGDPlg5NIsyjBH_56RFAD2M0Lxd1bSLG4sW-bypJEA-3dBdxQ==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f3d66bd47bb9910cebd81a29dbb9d83
6ec3f91c1224d2b87abd23d1aab2105ce576b98c
d7496fc4e60b0930cd401d46842cf5f865ca22afa9df14279c27f85ee7dc3861
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133557
Date: Wed, 23 Nov 2022 10:37:24 GMT
Etag: "637d5e99-1d7"
Expires: Thu, 24 Nov 2022 23:43:21 GMT
Last-Modified: Tue, 22 Nov 2022 23:43:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AQaMLCPjw7JCtGoMKdJ8bDZZRZ-Y1TP9vz1TeRkoaErfoepHOGoFeA==
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
172.64.202.28200 OK 4.7 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
IP 172.64.202.28:0
File type ASCII text, with very long lines (26500)
Hash 158cf28c9cecdccffd83c702a11bc918
13ac12bb8fc32bfaf4d959366a2ea01807ee8d77
a715ab9e967dfb9396edf97317aab12f99c7474f239226c2fe6adf3cbe2b74c6
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:24 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7b4a490cbf8618afeab9ef9e754bca44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: esUJ43xmAVRONEIdFLAz7nI1WIX2lLNcUYdoQvA2fHH6xh7pSY_zTA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM266uxC%2FN%2B9O%2FgqRhyDsUmeO8JWIFDxYnx9oKWQMJuuYIWvNyi1vVeXjTLck2f2oSWJ1dbjmcO3BTh0t1s94TM4AmvOuT1b1KYw%2BAcSOPe2xPNDktW6RWJxlAlf9meI02wfgqsAQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e944f21da872f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
File type ASCII text, with very long lines (65518)
Hash 47cff21534298308fde67abd81cd499d
7ee3430aea39c1ded2b22b0403f37a2f65b88621
2167f959a425770b49bea9a49a6d46e9541f4ad5d0b46c80376953cfdc3db8ac
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Tue, 15 Nov 2022 14:10:54 GMT
ETag: W/"b2182-1847ba0e9b0"
Vary: Accept-Encoding
Content-Encoding: gzip
app.rewardflux.com/cp/_assets/modals/reward-options/au/index.html
143.204.55.128200 OK 2.7 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-options/au/index.html
IP 143.204.55.128:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 60d332e756c417eb85c36068d0c987a3
68596227dab8abbc583df76b7fe9169cd1f7fc23
bcf734c986cc30975cb62b01773e85a73d95edd19f2e683cdeefd8014b9ff103
GET /cp/_assets/modals/reward-options/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7ROK__O0HQQAcv3MedxIxeOpjahGWhtKcPTWYhz_Mf1RbE_xzuuCoA==
app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
143.204.55.128200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 908dc49319852374cd2a92c01a19efc9
6922fa7b698e1f29e186b1fef17dad6dbce982ba
aa1aa68d58ea30810c5d517566285d4cf1426a06bcf8d68fd5b96dc6078392bd
GET /cp/_assets/images/icons/lineal_color/survey.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10147
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-27a3"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rGT-wW1azmiL6pNr6J_FVJR-AdEc_THT9e4GbgITJ0udhFjy_xZSMw==
Age: 68475
app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
143.204.55.128200 OK 35 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
IP 143.204.55.128:0
File type PNG image data, 3528 x 624, 8-bit colormap, non-interlaced\012- data
Hash b306899ffcc2db03542cad29adc62b10
dc3fe4b3935452dd9580edd566405fb85a329dae
d4c3cd3ffa16ab3188c83401e4a93962cdfd713912e84e6ec03c36da4cec2d86
GET /cp/_assets/images/logo/logo_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 34706
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-8792"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eAL_kTgUwwbPZ_GHY1jKCGmEHkUwL1-SNsNTlgUqs054qEvepXd3MA==
Age: 68475
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1365
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 10:14:39 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
app.rewardflux.com/cp/_assets/images/elements/money.png
143.204.55.128200 OK 8.7 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/money.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 301c03bbfba6cfa47598db8026889cd1
026456d63a74a99dac6875009a61fa3a0a993382
4f28ffde1e8b2e727300e5d55c2fb85507663bd3645a9589500742d8133e4b32
GET /cp/_assets/images/elements/money.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8656
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-21d0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vbVLqzJK_cZq7rU6KaeR2dLSiw3C4YvkJoHIzSkskf_9h9RkbJ-faQ==
Age: 55866
app.rewardflux.com/cp/_assets/images/elements/open-box.png
143.204.55.128200 OK 7.1 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/open-box.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash b7c100fd14ba7475f2204c4a865757d8
f01c444eecc15853d05a058b4e3f5abd1546b6d8
e3df18122f72ed681f950979b2674618f619c2eee19778a286fc86456135ee63
GET /cp/_assets/images/elements/open-box.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7079
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-1ba7"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JVo9C8Fn-fQ6-u-jjVah7WFa-PE_kvp5uOXChsnSXdkJ-ooJdMchrw==
Age: 55866
app.rewardflux.com/cp/_assets/images/elements/gambling.png
143.204.55.128200 OK 11 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/gambling.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 6397e160592649f47870ff232f3e2310
1135eeaefac9f90e7b9ae3679b46c2ab135d1c2a
bd5e8aff971903ff48baac716161e58a768261833425d263eae2db151c0436f8
GET /cp/_assets/images/elements/gambling.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11280
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-2c10"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jVRMJbv1Vsr_Z2ZXPFIQoGU_Ab_FT6WG-ShgE-dxtT3fSdcbNaV7MQ==
Age: 55866
app.rewardflux.com/cp/_assets/images/elements/travel.png
143.204.55.128200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/travel.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 7fcc95726d5cd93dce20ba6d639e3774
1819c4017cc205cf737fd560e8f4dbb328f691b8
9714a3c28dcb3d96f95e94c58ab070e2702d7155f06dbfbdc3b0adac188ebaa8
GET /cp/_assets/images/elements/travel.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10155
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-27ab"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kIoPpHut0VaF-zzNhYSQXvbwW05u6e4F7bZE0DBGhQglqKgNRaA9tA==
Age: 55866
content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
34.78.252.25200 OK 8.2 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
IP 34.78.252.25:0
Hash 00464d22c93abd2ce44fadc8d7c0e751
1122e016a5c3c179a444c5b9657cf41e66078c5a
cb73921750d23d0c89f0f6fee31855bb5349f404c49b7d3b8d940c94db6fec19
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Poppins/poppins-v19-latin-regular.woff2 HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Content-Type: application/octet-stream
Content-Length: 7884
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 07:20:55 GMT
ETag: "637dc9d7-1ecc"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
app.rewardflux.com/cp/iga/au/images/prize_rw.png
143.204.55.128200 OK 114 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/prize_rw.png
IP 143.204.55.128:0
File type PNG image data, 708 x 530, 8-bit colormap, non-interlaced\012- data
Size 114 kB (114093 bytes)
Hash ed0e7cf525677d1622cac5d179daf216
8894178690ad9b3f9209e7c258dc13447fefa9ac
6158e433c3494f1fc08fae7be2b6d30c8cb107e0b50df0823ac9e9d6c21e8c2e
GET /cp/iga/au/images/prize_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 114093
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: "637dc9bc-1bdad"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aoQK56MicMzoPtTJQOgEOB1oORLdHKM-_nTuGDpk01QVjMyx5di26w==
app.rewardflux.com/cp/_assets/images/elements/slots.png
143.204.55.128200 OK 6.7 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/slots.png
IP 143.204.55.128:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 2bf90d0f321ff9e0362658a49b9850b9
2ccfe8ae7a0a9101bb11ab6ac3f6c6cad1d12939
5f184765b3fcb4dfc3e2d0c4f7f98e8f18a766959a2bcaa7a845b4be302dc7f3
GET /cp/_assets/images/elements/slots.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6659
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 19:06:18 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-1a03"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jK7Ep-rfB_wWUpBnCVaf9KTpz_PmTl4kWrOb_2n6MSzcKMmbdd-JAA==
Age: 55866
app.rewardflux.com/ssi/elements/base/check.png
143.204.55.128200 OK 348 B URL HTTP/1.1 app.rewardflux.com/ssi/elements/base/check.png
IP 143.204.55.128:0
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 1aecb247e31cfe8ecdf4c1a30fd32799
8ca486751ab6c31c1acaa7868ee26f7d5dd98f83
9f15d5a161e11ec46c3474002d4ae27144633b19413b3ad8608ce11eefb810ad
GET /ssi/elements/base/check.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 348
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:09 GMT
Last-Modified: Tue, 22 Nov 2022 13:07:31 GMT
ETag: "637cc993-15c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uSAkP3evD3CRufEL_HPB2PgthoM5D0NeuVtdTGyfeXCdomH_NUSc6w==
Age: 68475
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/p.js
34.78.252.25200 OK 427 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/p.js
IP 34.78.252.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 427 kB (426893 bytes)
Hash 87a3910c818528acff24e6b08a046c03
a552c4dbe8fa65b10fb88d08bf8653b9c2761e61
7a46e56169eb0b52ca5f3af46a13a7d5f29bef7d53daa0980ad27fae79f8079f
GET /p/626a73a389f5f12b71b50d1a/p.js HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=626a73a389f5f12b71b50d1a; Path=/; Expires=Fri, 22 Nov 2024 10:37:24 GMT; Secure; SameSite=None
qst.sid=s%3AOwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ%2BjzqYUVomxdpS5Ah%2BFmqIi%2BqCDWLlOc6M; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
app.rewardflux.com/cp/iga/au/images/header_rw.png
143.204.55.128200 OK 8.8 kB URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/header_rw.png
IP 143.204.55.128:0
File type PNG image data, 1068 x 152, 8-bit colormap, non-interlaced\012- data
Hash e90cd1552a21425509b17b494fdcb7dd
1ba0fb26a4b8bbddc2c4988abb32a0e0437029fa
4da87fc93495aa8be1c77eb62ba943ef80750116419afaa6a39ad559a02f2d40
GET /cp/iga/au/images/header_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8774
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:28 GMT
ETag: "637dc9bc-2246"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9EwL2lB1qjkVyhHXSWhhbyl51BSblfLtST4OQRLqDPsJBEmrbCHTFw==
app.rewardflux.com/cp/_assets/images/road_loader/checked.svg
143.204.55.128200 OK 512 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/road_loader/checked.svg
IP 143.204.55.128:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 5207f8e02658822f0610471768eef257
5f18addee2db1f9c6371066ca5896ad94e46884b
ff61914b39d0f76d58c6e39e093d56c08cf988e30f79d9811d29661f632a0cf7
GET /cp/_assets/images/road_loader/checked.svg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Last-Modified: Wed, 23 Nov 2022 07:20:03 GMT
ETag: W/"637dc9a3-456"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D3IUTYXSvCmMvgBT8nlOnXKYQNDicxjoD2W0ILQYsAxNpPY8aK1o4Q==
app.rewardflux.com/cp/iga/au/images/header_image.png
143.204.55.128200 OK 315 B URL HTTP/1.1 app.rewardflux.com/cp/iga/au/images/header_image.png
IP 143.204.55.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bf204738cc45ba40ddbc1833f7e3fd08
c1cd4d940ed2679bf940e09e5048c914d224cf52
f5e322bbdb5b74a13a08dbe967d05a3554e3547d48aa1789663d677056921ad8
GET /cp/iga/au/images/header_image.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KQ7g_-hM7KqY1c8dLryPwbsFjgfS2p5tF3DQSl-Z55Oyiy8_l8Macg==
app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
143.204.55.128200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
IP 143.204.55.128:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 360c6446288d4278c0c6598f14e33211
187e40e5ab056456f0b49b52b425e70c8f0a86a3
fbbe3016634bf0bb643c407a9a4e3b676362e9e0a1eb25dd3e8e3d898fbb6c1e
GET /cp/_assets/images/favicon/favicon.ico HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/iga/au/reward.html?pre=0&p_id=626a73a389f5f12b71b50d1a&_c_id=aff_code:LDA;request_id:27244d853ba20549247a855e78335e94;aff_tid:;aff_goal_id:10981;aff_goal_id2:10982;aff_id:1339;aff_version:no_teaser;aff_adv_id:546;aff_offer_id:2245;aff_inc:iga&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_city:&_c_dob=ld_dob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&aff_ttp=&ch=&request_id=27244d853ba20549247a855e78335e94&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 15406
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 22 Nov 2022 15:36:11 GMT
Last-Modified: Tue, 22 Nov 2022 13:05:46 GMT
ETag: "637cc92a-3c2e"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lYlbML4kJSKFVnVtJbL30DYcg6o6XvPv9ukBVs5LCrc1NjH-yT6Qog==
Age: 68473
cdn.formulead.com/v/country
34.78.252.25200 OK 51 B URL HTTP/1.1 cdn.formulead.com/v/country
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91440c116c92d75cfc02cd72bd060a82
591d3adc1d1d80e012b0dd0214df1f0438ae37f5
1b35c679adcfb2f8fbf92afcaf9f7a741f3c6273503a54b6c55448e1b2807c80
GET /v/country HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 51
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"33-WR063B0dgOASsN0CFN8fBDiuN/U"
set-cookie: qst.sid=s%3APwpq7rBhtEFQinJYgWu1ZVQpd6K8bCLJ.9rE3UmuWl4SbWsbM0ybW15X3CkAOgAn3hZiGx%2BG52DQ; Path=/; HttpOnly
Vary: Accept-Encoding
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ou0V6azyqW1x6ncqXjmiiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: clUnxSW06PND/jYCJRaYSqaRc7A=
d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
143.204.42.230200 OK 3.2 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7154d5a363fcfa8553caabf2998c98f2
d6880dce09104e5a5316f6663d7a72852d7b2a2f
6fa1996e350236b3b2427804baff4672e991bb1ee942cd749b62f43134c81369
GET /microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3217
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:53 GMT
x-amz-version-id: y8wr51Nn.xPOMxliMD7.WPL_irWBZeZA
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 10:37:25 GMT
etag: "7154d5a363fcfa8553caabf2998c98f2"
x-cache: RefreshHit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L5ATU1DuTn2alruFRIV3LMAOipz8lPKTxDwrlsMnpp7wDgQqxY3XDg==
X-Firefox-Spdy: h2
d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
143.204.42.230200 OK 2.9 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7730bc66025ca4d800d235089631ff10
b09ea5503764c03fecb0022af532e4ffa6d33be1
e9846a5c43ea69813d973e44146575a5ef3a76616f7c22c5c163b7bcf82bfea9
GET /microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2916
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
x-amz-version-id: p92_7RAnaYT0eeH5mIk71qybMVBNbFvu
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 10:37:25 GMT
etag: "7730bc66025ca4d800d235089631ff10"
x-cache: RefreshHit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ma1SLHxbksrjbXZYpH6vixapUim0ETzcU1oKMADewy4vsojBZWJN5w==
X-Firefox-Spdy: h2
d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
143.204.42.230200 OK 3.0 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
IP 143.204.42.230:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 49ce47d7b75cd4c9ebf33a96ad588834
d331bf5584e6f00961942b7ce693093bfae7ea48
7c33a402486be20064bb9b175a03957ecbc0e7ad71ebb3b9887c22222412a1ff
GET /microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2961
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
x-amz-version-id: nEi6ItVcFl1vrhE0svFWvt_pZtgq2mnn
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 10:37:25 GMT
etag: "49ce47d7b75cd4c9ebf33a96ad588834"
x-cache: RefreshHit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L78axDZca_xxSo82HHyGm24q_nKGm-36USEhIw0aR_E06G2HgMz73g==
X-Firefox-Spdy: h2
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 2a1f1b94d15f7574926aaf6b01fd9134
c2ae255da35bd16ba364e83bbdf88d03b64e435c
3cdeb8f735f3a56a71b449ae7f2dcf5e70a6110d16ec6673926da9b373dda90c
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 23 Nov 2022 10:37:25 GMT
date: Wed, 23 Nov 2022 10:37:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 5.7 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (25598), with no line terminators
Hash b8453b98ecb1ee4e410ff29d9c517c84
2ef74cde8bc8a00bd8c47bcc58a0736e0d5f12d4
10cffc35d5730c558d52d90b31beb50ced32b7919b7b7d3ad0abd39205baefba
GET /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ+jzqYUVomxdpS5Ah+FmqIi+qCDWLlOc6M
X-Request-Id: 1c1bd4ad332c8ac286fbda3c
X-iivmxswc: 145f415023468eef47bc249e83170aaf7c8c459f5f079c54a472a1d7c59bd4d4
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 22 Nov 2024 10:37:25 GMT; Secure; SameSite=None
ck_tsp=2022-11-23T10%3A37%3A25.240Z; Path=/; Expires=Fri, 22 Nov 2024 10:37:25 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 22 Nov 2024 10:37:25 GMT; Secure; SameSite=None
ETag: W/"64ce-hsZF+bC18Kkn1y0x/0M2E7G2d1s"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 1c1bd4ad332c8ac286fbda3c
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-11-23T10%3A37%3A25.240Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3A7IWtiZ0oEVN4U9c3O-FtzT95KjNqDCp9.tHOFoaC12PvUPfBGFtUsouxPBomYO6OPueImhns9pZI; Path=/; HttpOnly
Vary: Accept-Encoding
content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
34.78.252.25200 OK 52 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
IP 34.78.252.25:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: application/font-woff
Content-Length: 51572
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 07:20:55 GMT
ETag: "637dc9d7-c974"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/fingerprint-cache?vl_fp=9233aa210fa7da7061a624224377a2bb&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 1c1bd4ad332c8ac286fbda3c
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-11-23T10%3A37%3A25.240Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3A0t53IlYKmx3ClqG49ljG-CdD8_7WBoxH.rZ7iMmqf%2BqsS3ycNGWtRx9Vs2GL5ICbqipmQrx4xTu0; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
app.rewardflux.com/assets/svg/check/check.svg
143.204.55.128200 OK 250 B URL HTTP/1.1 app.rewardflux.com/assets/svg/check/check.svg
IP 143.204.55.128:0
Hash 5e2891649c75b864d832175430ad8cb9
762ff0e2638e71e3a8d76893744c623ef4826b8b
7fd9520b93ec38a8c7e093d213c08bc79dd328ba41b4f6dcf46db195fdb36438
GET /assets/svg/check/check.svg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/_assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 250
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 00:17:06 GMT
Last-Modified: Tue, 22 Nov 2022 21:45:53 GMT
ETag: "637d4311-fa"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hOQ7GYoM40TI399WDwxFtO8mwVrDeY5HO33cxNML4oLatz2ACkju0g==
Age: 37219
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d1d7ee1871d1b67ef7957f3ed20b7dde
f50eb99d882985b13a3d119adb3186de1f36932e
3c3c6954db2023a8ebc94d79884768807124d59d5ca67bec500c1656b893917f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6169
Cache-Control: max-age=117732
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:25 GMT
Etag: "637d08b1-117"
Expires: Thu, 24 Nov 2022 19:19:37 GMT
Last-Modified: Tue, 22 Nov 2022 17:36:49 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8069
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:37:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8069
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:37:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8069
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:37:26 GMT
Connection: keep-alive
cdn.formulead.com/t/errors
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:26 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d1d7ee1871d1b67ef7957f3ed20b7dde
f50eb99d882985b13a3d119adb3186de1f36932e
3c3c6954db2023a8ebc94d79884768807124d59d5ca67bec500c1656b893917f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6170
Cache-Control: max-age=117732
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:26 GMT
Etag: "637d08b1-117"
Expires: Thu, 24 Nov 2022 19:19:38 GMT
Last-Modified: Tue, 22 Nov 2022 17:36:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cdc70ea570bedb3a19294a2e3cfcb1b
c3abc52da2458971b00416c5513894a8b60389f0
71f4c91b66b84d7bff6416d8efd1b95ca3aa3543a25489553d1acb6cd9b77308
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 7bb62ac1-5774-4e82-8438-9eded7ea71a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JKMGFMIAMFovg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef0d-06bd21480b42efd67f62c690;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FjB6qa579_iDdG_QfQwnlYUEnwv0vZHG0JetZw_gtSVuet7BROTwDw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:50:31 GMT
age: 46015
etag: "c3abc52da2458971b00416c5513894a8b60389f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 06:36:36 GMT
age: 14450
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 43111
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 448adf31ef3a09f7d8a45e1c038fe1d8
88e9613f90c14dca0b2c0b60103d0c8e4d859cc8
cedf0f3bd94dfde56b90f130fc960fe73d0131594b9b4ff0e8dbbe27d76b0926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8000
x-amzn-requestid: 9761ee4c-6da2-4b57-8fab-4d94ec810717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bn1pXGrCIAMFe3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63730308-7628d58a621de956205e1f9c;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 03:10:00 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XlHerM1xe1mm1PGiw1jao15GRW9b1qemXZ3aLODebRK-nZnRMyMfbA==
via: 1.1 100e7eca600d702a8613a94cb0899fe8.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:53 GMT
age: 45633
etag: "88e9613f90c14dca0b2c0b60103d0c8e4d859cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 45638
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 46147
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.formulead.com/t/errors
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ+jzqYUVomxdpS5Ah+FmqIi+qCDWLlOc6M
Content-Type: application/json
Content-Length: 148
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
172.64.168.3200 OK 2.1 kB URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
IP 172.64.168.3:0
File type ASCII text, with very long lines (6943)
Hash 114e489c5c864ade991249c332b13dd3
3b2336255f230f5844e8367f18bd943872030ef3
3f2fe1dcf98e6cf8f81321af82353ed471c654f1d0194fee38972f96588896ff
GET /scripts/push/script/z75dnkdk4q?url=app.rewardflux.com HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:26 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbjRKlf%2BHAp7fFnmxeGreuhwKi35DMVhEqaYhzbfdU8FXY%2FwfqVP5P9pu1Ik%2FUS7KmHTTGi94YnIbS46KS6zklHsuN9onYESbNayB32RfwtCjnJJ0LC%2BKp87V1IQZa1AvAxlgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e944fd994672af-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/z0grl55ygx
172.64.169.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/z0grl55ygx
IP 172.64.169.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/z0grl55ygx HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Content-type: application/json
Origin: http://app.rewardflux.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:26 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://app.rewardflux.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WF3tj4NYtlIVHld712dldhizW%2B3Wezr6U0GrBx3kyJr9gwUjrggYrxoy%2F3yRF1t254%2FVBIKh%2BsLe0D6ALTj9WK1EtqoNXgJB4S2RuhdmvtNKi%2FJMFzeyWvV9YAO01o20e3co3UIU38E20A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e944ffbb5c889e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 10:35:38 GMT
expires: Thu, 23 Nov 2023 10:35:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:37:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/t/validator
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:26 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/validator
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ+jzqYUVomxdpS5Ah+FmqIi+qCDWLlOc6M
Content-Type: application/json
Content-Length: 1854
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 338728
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 478270
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1
34.78.252.25200 OK 165 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 59b26077001f6f25394b97d662d0358b
f0ac03a371eeb64dcd9790fc25de1e2507df6c16
1839806bb61a17617d7739b87f3f2379b9a534677dc3790917e67b3e5a2852a2
GET /v/recaptcha3?token=03AEkXODCr-pp_45qbql7Jogq8aLAh0hHzhg-0Js_SWxYeTJRhQVGCTrsKHghgniBMq_YGJm5YMSKIaisIOHaKZUaYuI2WzACNucjlhxUHvPvXzIlJoyCS5IaGUPJgv5MBEVGebvTidm-MCy22yNbpzX-GiahtSCHb9PE6hEPtwvFxtEzICG2WzhDa2PuWag_NF5MD9eS34g7_kMTCQwH-UlSQeAERax5T_CMuNUtROtgKPnoLd99t3bGxUMtEAoxZdTCkiiRjgRldNjIfaDkBDO7wTMEQ8jreBdIqDWHH2H3aJlLFHy7wUeNHWFDPycj7J6fEpJby_uiJ_opkB-8XCeo-YxKOa1y4bSVYGGD7c3r1FWh1MPQSwpD-rx0A_2eGD6kES-ybMzYJhFUEqhsAUUithzi-vCeB5g_uS9b-rQ-ax2YI_c103qgTrKdWvLOde1p47FoOjSDTPaErY38ynHsnnETypvNrv2wRweibC_zccWizLnj02l2-ydSASa5cI71zTupSHYQ0G7b2Ftcja0rHfAZJ4_scQA&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 1c1bd4ad332c8ac286fbda3c
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-11-23T10%3A37%3A25.240Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 165
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"a5-8KwDo3Hutk3Nl5D8Jd4eJQffbBY"
set-cookie: qst.sid=s%3AtMOxGYb4eYavXH6BJU6xUiIOpQroKp_J.9Ojxk7uFbYm60yrtrwHlXnKktJ1ikQOoVjTwBH94eU8; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 29 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65274), with no line terminators
Hash 5e20f35e557de739f6411472b44c43a2
faa7c0389fc7fec5f1484fd81e0e017803fd6c7a
c80fc08425902a920c104fc0205e08ee583f55ee723f8519f6a71e8d41869d6c
GET /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr&pre=0&p_id=626a73a389f5f12b71b50d1a&aff_code=LDA&request_id=27244d853ba20549247a855e78335e94&aff_goal_id=10981&aff_goal_id2=10982&aff_id=1339&aff_version=no_teaser&aff_adv_id=546&aff_offer_id=2245&aff_inc=iga&aff_tt=dp&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Figa%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Figa%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Figa%2Fau%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ+jzqYUVomxdpS5Ah+FmqIi+qCDWLlOc6M
X-Request-Id: 1c1bd4ad332c8ac286fbda3c
X-iivmxswc: 145f415023468eef47bc249e83170aaf7c8c459f5f079c54a472a1d7c59bd4d4
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-11-23T10%3A37%3A25.240Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:28 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 22 Nov 2024 10:37:26 GMT; Secure; SameSite=None
ck_tsp=2022-11-23T10%3A37%3A26.003Z; Path=/; Expires=Fri, 22 Nov 2024 10:37:26 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 22 Nov 2024 10:37:26 GMT; Secure; SameSite=None
ETag: W/"353e9-ZeWI6jQB6AWr2CKTp3+fAsEAsTo"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:OwQ_bNP5oskJrAaQRIlFgnMoH8HP7jPr.JsC8tfsSvZ+jzqYUVomxdpS5Ah+FmqIi+qCDWLlOc6M
Content-Type: application/json
Content-Length: 146
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 23 Nov 2022 10:37:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
kit.fontawesome.com/0711a5d108.js
104.18.22.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/0711a5d108.js
IP 104.18.22.52:0
GET /0711a5d108.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:37:24 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fyn5JBa5-ThCMSB7c4EC
cf-cache-status: MISS
server: cloudflare
cf-ray: 76e944f00b200afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
st.formulead.com/assets/img/spinner/puff.svg
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/img/spinner/puff.svg
IP 54.230.111.123:0
GET /assets/img/spinner/puff.svg HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 22 Nov 2022 15:14:20 GMT
etag: W/"6329dbed-5b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OpUweal9VEAVgvK41wqjIlworMBG1fUrEOHsE-eS5gs1PSzxz9VWUw==
age: 69784
X-Firefox-Spdy: h2
st.formulead.com/assets/js/bioep.min.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.123:0
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 22 Nov 2022 12:42:54 GMT
etag: W/"6329dbed-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w-MDsbGA07ZBMhMPitjGt1sustRy1CyJOR19QcO0xaInksAV_BgzUw==
age: 78870
X-Firefox-Spdy: h2
st.formulead.com/assets/js/helpers.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.123:0
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 22 Nov 2022 12:15:13 GMT
etag: W/"6329dbed-fefc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RKQwxQ8M80Fvc7_c8eNAlLMMXftLKd1Tk2AgK4jriJ2z9NZTKRzMGg==
age: 80531
X-Firefox-Spdy: h2