promo2.usg24.com Open in urlscan Pro
2001:41d0:301:5::30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promo2.usg24.com/
Submission: On October 29 via api (October 29th 2024, 12:33:46 am UTC) from US — Scanned from FR

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 67 HTTP transactions. The main IP is 2001:41d0:301:5::30, located in France and belongs to OVH, FR. The main domain is promo2.usg24.com.
TLS certificate: Issued by R10 on October 28th 2024. Valid for: 3 months.

This is the only time promo2.usg24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	2001:41d0:301... 2001:41d0:301:5::30	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.109 13.33.187.109	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.72.94.65 54.72.94.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
67	11

47 2001:41d0:301:5::30 (France)

ASN16276 (OVH, FR)

promo2.usg24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-109.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.94.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-94-65.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	usg24.com promo2.usg24.com	3 MB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	282 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6755	171 B
67	8

	Domain	Requested by
47	promo2.usg24.com	promo2.usg24.com
7	cdnjs.cloudflare.com	promo2.usg24.com cdnjs.cloudflare.com
4	www.googletagmanager.com	promo2.usg24.com www.googletagmanager.com
2	www.facebook.com	promo2.usg24.com
2	connect.facebook.net	promo2.usg24.com connect.facebook.net
1	www.google-analytics.com	www.googletagmanager.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	promo2.usg24.com
67	9

This site contains links to these domains. Also see Links.

Domain
maps.app.goo.gl

Subject Issuer	Validity	Valid
www.usg24.com R10	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-07` - `2024-11-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://promo2.usg24.com/
Frame ID: B83DF08B0BA827226735373AA0279C82
Requests: 66 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo2.usg24.com
Frame ID: BEEDBC4DC96040C72FC0203159790A49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

99 %
HTTPS

40 %
IPv6

8
Domains

9
Subdomains

11
IPs

5
Countries

3503 kB
Transfer

4860 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.app.goo.gl/QTVJBMmMS3vX4J398
Title: ul. Młynarska 42, 3 piętro 01-171 Warszawa Mapa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promo2.usg24.com/ 55 KB
12 KB 2642ms
2484ms Document
text/html 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache / PHP/7.4
Resource Hash: 8b4cd984f84e69fb324579ccce514a950d27a39792daebbff0c4c33403cdbe99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 00:33:32 GMT
link: <https://promo2.usg24.com/wp-json/>; rel="https://api.w.org/" <https://promo2.usg24.com/wp-json/wp/v2/pages/11>; rel="alternate"; title="JSON"; type="application/json" <https://promo2.usg24.com/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 215ms
77ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16738496991

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29ab1b2d9b3c0f178b5f34685773ed7f8d22ea01c4c0bc8f49edc283aecb8c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 00:33:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99931
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 style.min.css
promo2.usg24.com/wp-includes/css/dist/block-library/ 110 KB
15 KB 55ms
44ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 14840
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:27 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 woocommerce-layout.css
promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/ 17 KB
3 KB 31ms
20ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 2573
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:31 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 woocommerce.css
promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/ 76 KB
10 KB 54ms
43ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: ba33b6d2718d63b3b2e0727e8bfd2a720979f1e704eb34581edb98881aca6596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 9992
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:31 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 style.css
promo2.usg24.com/wp-content/themes/usg/ 16 KB
5 KB 31ms
20ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/style.css?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8fec0d5196eb47b69161ca451738b358f1323b2fe9743e7438f777c8dd1cf24c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 4459
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 base.css
promo2.usg24.com/wp-content/themes/usg/assets/css/ 13 KB
2 KB 34ms
23ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9f1e529b4c2de15c4210443d84f04a166355f83cd972335c0be9cc6afdb76f45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1567
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 layout.css
promo2.usg24.com/wp-content/themes/usg/assets/css/ 6 KB
2 KB 32ms
21ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/layout.css?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7aec4e091f5e27a2babdee7d41b46ad320df3a4808534da51dc29917f40ab239

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1456
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 front-page.css
promo2.usg24.com/wp-content/themes/usg/assets/css/ 8 KB
2 KB 32ms
22ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/front-page.css?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c3b6c223c0511eaf1f4ff76ca25f587ec25867c17bbc6fcab4beeb041d7f216e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 2067
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 owl.carousel.min.css
promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/ 3 KB
1 KB 30ms
20ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/owl.carousel.min.css?ver=2.3.4
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1068
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 owl.theme.default.min.css
promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/ 1013 B
692 B 31ms
21ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/owl.theme.default.min.css?ver=2.3.4
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 479
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 lightbox.min.css
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/ 2 KB
1 KB 159ms
57ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-9e4"
age: 370730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ostdC8nsOqBbpt55kzovv9K3vAbH9qJ7cc3H10CfxYUTjWG8IZCndd7XlRAA0N0Uuw9i%2BoGin5hW7VuyLoq9DJnT1uaIIJidur0UNwk%2FZEof0%2BFJXqUsk8ZBKaq8A31ayEceM40w"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:32 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f13218c65792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 683
server: cloudflare

GET
H2 200 checkout.css
promo2.usg24.com/wp-content/themes/usg/assets/css/ 3 KB
1 KB 32ms
22ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/checkout.css?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d3c2f409caabf0a0814b79b9472e0f433704aa79677cbec703e11fbfdfb13df2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 828
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
promo2.usg24.com/wp-includes/js/jquery/ 86 KB
30 KB 53ms
44ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 30368
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:26 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
promo2.usg24.com/wp-includes/js/jquery/ 13 KB
5 KB 52ms
43ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 4872
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:26 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery.blockUI.min.js Show response
promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 228ms
155ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 3537
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 js.cookie.min.js Show response
promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 177ms
104ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 833
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:33 GMT
server: Apache
vary: Accept-Encoding

GET 52564ec1-e9dc-448a-a219-ede9df103d75
https://promo2.usg24.com/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
72 KB 123ms
45ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF2Z3DG2

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

189df492939b1576f8225aa0f1c36c3bac3d929b0cbe62132afee727a36891d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 29 Oct 2024 00:33:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 73575
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 woocommerce-smallscreen.css
promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 335ms
271ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1181
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:31 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 woocommerce.min.js Show response
promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 157ms
85ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 76fdc566a522dfae7370c5fd56be04ebbf48c53480523aabdefcb48b69eed168

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1128
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 cropped-icon.png
promo2.usg24.com/wp-content/uploads/2024/09/ 2 KB
2 KB 84ms
36ms Image
image/png 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/cropped-icon.png
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: fc0a6c38fba1c841f15b1c8fc4b0ac42a9517458fd275ff13f4b739cdede18eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1784
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

GET
H2 200 vertical-divider-header.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 166 B
349 B 84ms
36ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/vertical-divider-header.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c86da726511b864b924e4da942ccd54d52eb28715961e7175ecdd240a6490f26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 166
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 IMG_8777-scaled.jpg
promo2.usg24.com/wp-content/uploads/2024/09/ 456 KB
457 KB 85ms
8ms Image
image/jpeg 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8777-scaled.jpg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1ccf3b8d8f87dbb976c6b953f3439b19366d1d0ca46fe9c4b64932f78814c729

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 467007
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

GET
H2 200 IMG_8855-scaled.jpg
promo2.usg24.com/wp-content/uploads/2024/09/ 373 KB
374 KB 96ms
19ms Image
image/jpeg 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8855-scaled.jpg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0458cf52804d9a6d890d6f6718c03774388d7d7741a0d0108ce69a3736aa3ee2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 382101
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

GET
H2 200 IMG_8821-scaled.jpg
promo2.usg24.com/wp-content/uploads/2024/09/ 294 KB
295 KB 99ms
27ms Image
image/jpeg 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8821-scaled.jpg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5285204af1dc13a225f27a5145e0749648377c74c923235d45927fe854bdcfff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 301347
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

GET
H2 200 IMG_8826-scaled.jpg
promo2.usg24.com/wp-content/uploads/2024/09/ 332 KB
333 KB 107ms
35ms Image
image/jpeg 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8826-scaled.jpg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f518e33de9d9c0c5850151264a00b65a7063907dfac3a7496524fc9a4c2a6366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 340420
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

GET
H2 200 prev.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 230 B
413 B 212ms
141ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/prev.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 91b3b6f76d8fd6df93ca40b8bd91c2788ca1afb1d6159012770f6c6ce41d04e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 230
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 next.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 228 B
411 B 149ms
78ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/next.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1dfb731967f3b507df8bc1ea2c2e8a350d0b3e0a035e07911cf1157da5914f4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 228
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 star.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 764 B
947 B 180ms
113ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/star.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f922f6fadcc115468259d3dfc834ade83fe0f6157cf837af790b3d476de8a379

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 764
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 map-pin.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 882 B
1 KB 117ms
51ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/map-pin.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80ec9e26829a7955cd1921ead643720c7de7c659f83b27c3b085e5ac2f31d3c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 882
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 tel.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 620 B
803 B 336ms
270ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/tel.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c9f3e7c0524c71cf199fb2cd276cde805b71088fcb49a90f8804ecd3b2f54753

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 620
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 arrow-badanie.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 277 B
460 B 335ms
269ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/arrow-badanie.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7b1c8edb15a6b30f6e59cbfa3303d94a6298e0254768a74c11125109f94d5c78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 277
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 arrow-up.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 213 B
396 B 320ms
255ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/arrow-up.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8857e20572e3767d6c8e82c13817bfddf5da32f9c25fb7249db027985cdff542

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 213
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 close-description.svg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 333 B
516 B 331ms
266ms Image
image/svg+xml 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/close-description.svg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0ec5fdee124e48f12672e1298748386920e7f0ec6bc3f47b3e96996c9189f4d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 333
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 wc-blocks.css
promo2.usg24.com/wp-content/plugins/woocommerce/assets/client/blocks/ 12 KB
3 KB 180ms
104ms Stylesheet
text/css 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0f5e407c16d45ffafdfe0f16c8cc22707e80f3ea43cd3b8b4cbc405f57b7eb17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 2556
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 14:17:32 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 main.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/js/ 727 B
466 B 104ms
27ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/js/main.js?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 3ab35944bad7313dcf1f2051599c75903582fbf2d54daa0316d62d7877773dd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 243
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 8 KB
4 KB 86ms
72ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js?ver=1.14.16

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-2087"
age: 2234151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2oEFIJqBqplBHJBJQHfRUugTnY9aeQl%2BjkhgUGaz0%2Fl4oR9VnVJ8g4YOwAu8FIrfzj7oWv4KdKazmobkvMDXg7407yE2qbNtfB6SwmOynNrDKUE4sgS%2BtEDXuCL1TTBwielVwi9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:32 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f13223c99792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3074
server: cloudflare

GET
H2 200 owl.carousel.min.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/ 43 KB
11 KB 139ms
63ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/owl-carousel/owl.carousel.min.js?ver=2.3.4
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 11412
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 badanie-select.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/js/ 1 KB
653 B 152ms
77ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/js/badanie-select.js?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: cc83e8decbe1e95c39fd744e35b07e9f93fb4d36285ec20e9e1bfffe571473ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 430
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 calendar.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/js/ 17 KB
4 KB 179ms
104ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/js/calendar.js?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 22ff9fb1eb34847b845f2f47b1ce52303d7fc1d15f0947288d3540bdc17060b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 4030
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 order.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/js/ 2 KB
1 KB 126ms
51ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/js/order.js?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f10c9419e7ba95605eacfb639231b7af663ea40b738402e9e398ea02edb46cb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 865
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 lightbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/js/ 9 KB
3 KB 83ms
65ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/js/lightbox.min.js

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18b528527b6032b3510f50941de3acd9933fcb99964d6c47966380f42ac28f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-250b"
age: 614981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHMngf6VDRamL1h7Zxsi%2BVxyef5mvISazh8xt6Es0vjG2jwXitoAgCa1OahsPfSolqlqTHQPX1POP3z7LoJQpXTaAk8NkY4Ki8QUKROgh0s%2BCJKpEP2FhQTsiQgLQojH7oKMH210"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:32 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f13224c9d792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2495
server: cloudflare

GET
H2 200 lightbox.js Show response
promo2.usg24.com/wp-content/themes/usg/assets/js/ 44 B
231 B 137ms
63ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/js/lightbox.js?ver=0.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 018826a288bc98681e8255235fd6f8775570f8b32c89964909d107ce90b740b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 44
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 sourcebuster.min.js Show response
promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/ 15 KB
5 KB 187ms
113ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 4807
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 order-attribution.min.js Show response
promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 213ms
140ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.3.3
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 363aa2d4106f0f661a989977347dc0a55b612de18d3c0247cecc0ca725f98270

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1137
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:34 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 115ms
44ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ryMWKDJt' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ryMWKDJt' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Go/uJSMSU0WWEY2M0WZ56HowXQY9y+YZrOvEStsXXZ6K5RGxhKgcOVWnhrlgwv48KQVEQNgRS98cQlOJubkj+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 hotjar-5159107.js Show response
static.hotjar.com/c/ 13 KB
6 KB 241ms
62ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-5159107.js?sv=6

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

e73f04e958918b7685244ad9830a29f53fd5e1ba8de93867408f4515609c5800

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/b93a5c4745410c4e75f4f2644ee53fbd
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: dAEWiFBm1uPg5PSCjwzmKBkFlSyQv77KniHVb3_o101-VOc8WJXx7w==
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 bg.jpg
promo2.usg24.com/wp-content/themes/usg/assets/images/ 1 MB
1 MB 82ms
18ms Image
image/jpeg 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/images/bg.jpg
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0b2c9b1a38252efb8d36e2498f23ec1e8fb0dd4fcd4a6f720f6fb7d1c465850b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1325956
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 HelveticaNowDisplay-Medium.woff2
promo2.usg24.com/wp-content/themes/usg/assets/fonts/ 44 KB
44 KB 233ms
209ms Font
application/octet-stream 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/fonts/HelveticaNowDisplay-Medium.woff2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9cfeb6c40f95f80700bffdfd637b4173fbf01578368e76b4be69d1ebe8fa12fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo2.usg24.com
Referer: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2

Response headers

accept-ranges: bytes
content-length: 45228
date: Tue, 29 Oct 2024 00:33:32 GMT
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 HelveticaNowDisplay-ExtLt.woff2
promo2.usg24.com/wp-content/themes/usg/assets/fonts/ 44 KB
44 KB 233ms
209ms Font
application/octet-stream 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/fonts/HelveticaNowDisplay-ExtLt.woff2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 69306c48312cc8d64f9e1f0d74b4b154ba49374129f28001857ca0a8d6d39938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo2.usg24.com
Referer: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2

Response headers

accept-ranges: bytes
content-length: 44548
date: Tue, 29 Oct 2024 00:33:32 GMT
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 HelveticaNowDisplay-Bold.woff2
promo2.usg24.com/wp-content/themes/usg/assets/fonts/ 44 KB
44 KB 232ms
208ms Font
application/octet-stream 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/fonts/HelveticaNowDisplay-Bold.woff2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 881c8fe53abc786c4895b551883e55a87f13ebd42c47dbf3ce0e0db76fda4b93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo2.usg24.com
Referer: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2

Response headers

accept-ranges: bytes
content-length: 45332
date: Tue, 29 Oct 2024 00:33:32 GMT
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H2 200 wp-emoji-release.min.js Show response
promo2.usg24.com/wp-includes/js/ 18 KB
5 KB 152ms
133ms Script
application/javascript 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 5062
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:17:27 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 HelveticaNowDisplay-Regular.woff2
promo2.usg24.com/wp-content/themes/usg/assets/fonts/ 41 KB
41 KB 16ms
16ms Font
application/octet-stream 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/themes/usg/assets/fonts/HelveticaNowDisplay-Regular.woff2
Requested by: Host: promo2.usg24.com
URL: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9359d55c433519fe06127751f0888f14289b03ae888e4652098ddd4f7f2a81fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo2.usg24.com
Referer: https://promo2.usg24.com/wp-content/themes/usg/assets/css/base.css?ver=0.2

Response headers

accept-ranges: bytes
content-length: 41644
date: Tue, 29 Oct 2024 00:33:32 GMT
last-modified: Mon, 28 Oct 2024 14:17:30 GMT
server: Apache

GET
H3 200 prev.png
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/ 1 KB
2 KB 63ms
47ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/prev.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-550"
age: 451503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHMlq9BRygjNCaO9uggAcQNS%2BaJnNRwimTR35xK8skCeqnJZZF9dKoWKfgQoiBpZI2pbdVIffPYdD67XezCcT1b%2BccnbPGY0CdS4icwJmAHOkn%2BE79m5rsAURORoFQnXcDl6wsVc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:33 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: image/png; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f1325ae54792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1359
server: cloudflare

GET
H3 200 next.png
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/ 1 KB
2 KB 63ms
47ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/next.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-546"
age: 455582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brXNyI19eFvZgdiFU2NZEVUV%2FelaSILKgpUnDhufOZBXo%2FsDZefDTPchHYzaUQn9z7Y2FU7j1gXs1MomWPNP%2BJ3oSKWLnZXJTwuJeIweIugDxApdLV%2F7RGaAIz1voqG2aZ0GArkR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:33 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: image/png; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f1325ae55792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1351
server: cloudflare

GET
H3 200 loading.gif
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/ 8 KB
8 KB 63ms
47ms Image
image/gif 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/loading.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-211c"
age: 459093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vq2pMRSqEBZ3YyoL3C0YJ1DGijKK8OTgSYUDiP7TtSRku0chZlS8GaBp%2BQtYHg3BPN4xXMu%2BZq%2FGBKi0e4lEDus3gGevEF33%2FE%2FW170dVnKlidNDx5ngfJd2hwOZTFaatqFKdcWp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:33 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: image/gif; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f1325ae58792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7695
server: cloudflare

GET
H3 200 close.png
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/ 280 B
872 B 62ms
46ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/images/close.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.3/css/lightbox.min.css?ver=6.6.2

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f093668-118"
age: 370871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUQYeg9tyfYhytlcAQuTcBqGLrYfGvmBbX8DCODhzPiytHoXyB3izxDGWGZT1BN2%2FNRgHGhKrY1J3u4VM7amlZHC%2Bez7wYa8S5T4FOuDDRiqCWdlnLNIUqxR%2FN4JmnT18dl3hhOM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:33:33 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: image/png; charset=utf-8
last-modified: Sat, 11 Jul 2020 03:47:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f1325ae5a792d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 284
server: cloudflare

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 modules.625495a901d247c3e8d4.js Show response
script.hotjar.com/ 221 KB
55 KB 258ms
46ms Script
application/javascript 13.33.187.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.625495a901d247c3e8d4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5159107.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-109.fra60.r.cloudfront.net

Software

Resource Hash

c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "862c1be6e71cd836a43ce679991261fd"
age: 30627
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Tph2eGtEaLFA5Xy2BzpCZ-6NDrhFIlm4ZLYFPGQpZHhHEPwcc0nCSg==
date: Mon, 28 Oct 2024 16:03:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Oct 2024 16:02:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56056
x-amz-cf-pop: FRA60-P9

GET
H3 200 858479313096348 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 134ms
133ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/858479313096348?v=2.9.174&r=stable&domain=promo2.usg24.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8162d493e0d86162249fdcebed4e06de25254d5df5f6c5f9a4558a83846483f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-O57eyAaW' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-O57eyAaW' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=73, mss=1232, tbw=67921, tp=64, tpl=0, uplat=86, ullat=0
pragma: public
x-fb-debug: q4Wqp0Qypr7N72I38l7iqkzSa7UBTwR+l0cR3x2yT4MAqlVeIzOHbtPGw57voiGUv1oRWOgrxLLtn7cEsWnwrA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 338 KB
111 KB 66ms
66ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H84Q3C2GDD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF2Z3DG2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d519535f8b351770fd7bee02443f4308f05a260b2d81713f61c370158b9cb901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 00:33:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:33:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113706
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 265ms
25ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=858479313096348&ev=PageView&dl=https%3A%2F%2Fpromo2.usg24.com&rl=&if=false&ts=1730162013860&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12316&fbp=fb.1.1730162013857.262570786649670954&pm=1&hrl=527c51&ler=empty&cdl=API_unavailable&it=1730162013206&coo=false&cs_cc=1&cas=8845576345473199%2C26856079367341172&rqm=GET

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2908, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 00:33:34 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 447ms
206ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=858479313096348&ev=PageView&dl=https%3A%2F%2Fpromo2.usg24.com&rl=&if=false&ts=1730162013860&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12316&fbp=fb.1.1730162013857.262570786649670954&pm=1&hrl=527c51&ler=empty&cdl=API_unavailable&it=1730162013206&coo=false&cs_cc=1&cas=8845576345473199%2C26856079367341172&rqm=FGET

Requested by

Host: promo2.usg24.com
URL: https://promo2.usg24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430989268645994827"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:33:34 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: CJeGQnzXlW1gucEQsdMRnwGIr26mjOfaZ2GArH1FdtGPbePEa7p1J5RCFVDTVER0d03wjfs+yjXxpgR1ZEQPNg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430989268645994827", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=3226, tp=-1, tpl=-1, uplat=177, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 1223ms
75ms XHR
application/json 54.72.94.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=5159107&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.625495a901d247c3e8d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.94.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-94-65.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3845abc3b0f95abc1f2df381a8368ba3b37876960b39d50cec390000ecc7323b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://promo2.usg24.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 29 Oct 2024 00:33:35 GMT
content-type: application/json

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame BEED 0
0 103ms
39ms Document
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo2.usg24.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16738496991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 00:33:34 GMT
expires: Wed, 29 Oct 2025 00:33:34 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 581ms
34ms Fetch
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H84Q3C2GDD&gtm=45je4ao0v9196910296z89196217468za200zb9196217468&_p=1730162012416&gcd=13l3l3l2l1l1&npa=1&dma=0&tag_exp=101533421~101823848~101925629&cid=177229244.1730162014&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730162014&sct=1&seg=0&dl=https%3A%2F%2Fpromo2.usg24.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4875
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H84Q3C2GDD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo2.usg24.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:33:35 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 cropped-icon.png
promo2.usg24.com/wp-content/uploads/2024/09/ 2 KB
0 241ms
240ms Other
image/png 2001:41d0:301:5::30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://promo2.usg24.com/wp-content/uploads/2024/09/cropped-icon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:5::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: fc0a6c38fba1c841f15b1c8fc4b0ac42a9517458fd275ff13f4b739cdede18eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo2.usg24.com/

Response headers

cache-control: max-age=900
expires: Tue, 29 Oct 2024 00:48:32 GMT
accept-ranges: bytes
content-length: 1784
date: Tue, 29 Oct 2024 00:33:32 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 14:17:29 GMT
server: Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: promo2.usg24.com
URL: blob:https://promo2.usg24.com/52564ec1-e9dc-448a-a219-ede9df103d75

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_migrations Value: 1418474375998%3D1
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_current_add Value: fd%3D2024-10-29%2000%3A33%3A32%7C%7C%7Cep%3Dhttps%3A%2F%2Fpromo2.usg24.com%2F%7C%7C%7Crf%3D%28none%29
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_first_add Value: fd%3D2024-10-29%2000%3A33%3A32%7C%7C%7Cep%3Dhttps%3A%2F%2Fpromo2.usg24.com%2F%7C%7C%7Crf%3D%28none%29
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.promo2.usg24.com/	1969-12-31 23:59:59	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F130.0.0.0%20Safari%2F537.36
.promo2.usg24.com/	1970-01-21 00:36:03	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fpromo2.usg24.com%2F
.usg24.com/	1970-01-21 02:45:38	Name: _gcl_au Value: 1.1.247638558.1730162014
.usg24.com/	1970-01-21 02:45:38	Name: _fbp Value: fb.1.1730162013857.262570786649670954
.usg24.com/	1970-01-21 09:21:38	Name: _hjSessionUser_5159107 Value: eyJpZCI6ImEyN2RmY2VhLWZlNzctNTgzYy1hZTFkLWNhMmFmMGJhZmE4OSIsImNyZWF0ZWQiOjE3MzAxNjIwMTM5MzcsImV4aXN0aW5nIjp0cnVlfQ==
.usg24.com/	1970-01-21 00:36:03	Name: _hjSession_5159107 Value: eyJpZCI6IjYzZjEyZWU3LTY0NDQtNGZkZS1hMDhiLTc3YzQ0MWYyMzMxZCIsImMiOjE3MzAxNjIwMTM5NDcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.usg24.com/	1970-01-21 10:12:02	Name: _ga_H84Q3C2GDD Value: GS1.1.1730162014.1.0.1730162014.0.0.0
.usg24.com/	1970-01-21 10:12:02	Name: _ga Value: GA1.1.177229244.1730162014

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8777-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8855-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8821-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8826-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8777-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8855-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8821-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/ Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8826-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8777-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8855-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8821-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8826-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8777-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8855-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8821-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://promo2.usg24.com/(Line 370) Message: Mixed Content: The page at 'https://promo2.usg24.com/' was loaded over HTTPS, but requested an insecure element 'http://promo2.usg24.com/wp-content/uploads/2024/09/IMG_8826-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
promo2.usg24.com
script.hotjar.com
static.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
promo2.usg24.com
104.17.24.14
13.33.187.109
142.250.186.136
157.240.0.6
18.66.102.53
2001:41d0:301:5::30
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2008
2a03:2880:f177:185:face:b00c:0:25de
54.72.94.65
018826a288bc98681e8255235fd6f8775570f8b32c89964909d107ce90b740b2
0458cf52804d9a6d890d6f6718c03774388d7d7741a0d0108ce69a3736aa3ee2
0b2c9b1a38252efb8d36e2498f23ec1e8fb0dd4fcd4a6f720f6fb7d1c465850b
0ec5fdee124e48f12672e1298748386920e7f0ec6bc3f47b3e96996c9189f4d0
0f5e407c16d45ffafdfe0f16c8cc22707e80f3ea43cd3b8b4cbc405f57b7eb17
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
189df492939b1576f8225aa0f1c36c3bac3d929b0cbe62132afee727a36891d9
18b528527b6032b3510f50941de3acd9933fcb99964d6c47966380f42ac28f23
1ccf3b8d8f87dbb976c6b953f3439b19366d1d0ca46fe9c4b64932f78814c729
1dfb731967f3b507df8bc1ea2c2e8a350d0b3e0a035e07911cf1157da5914f4c
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22ff9fb1eb34847b845f2f47b1ce52303d7fc1d15f0947288d3540bdc17060b4
29ab1b2d9b3c0f178b5f34685773ed7f8d22ea01c4c0bc8f49edc283aecb8c87
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
363aa2d4106f0f661a989977347dc0a55b612de18d3c0247cecc0ca725f98270
3845abc3b0f95abc1f2df381a8368ba3b37876960b39d50cec390000ecc7323b
3ab35944bad7313dcf1f2051599c75903582fbf2d54daa0316d62d7877773dd1
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5285204af1dc13a225f27a5145e0749648377c74c923235d45927fe854bdcfff
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
69306c48312cc8d64f9e1f0d74b4b154ba49374129f28001857ca0a8d6d39938
76fdc566a522dfae7370c5fd56be04ebbf48c53480523aabdefcb48b69eed168
7aec4e091f5e27a2babdee7d41b46ad320df3a4808534da51dc29917f40ab239
7b1c8edb15a6b30f6e59cbfa3303d94a6298e0254768a74c11125109f94d5c78
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
80ec9e26829a7955cd1921ead643720c7de7c659f83b27c3b085e5ac2f31d3c8
8162d493e0d86162249fdcebed4e06de25254d5df5f6c5f9a4558a83846483f0
881c8fe53abc786c4895b551883e55a87f13ebd42c47dbf3ce0e0db76fda4b93
8857e20572e3767d6c8e82c13817bfddf5da32f9c25fb7249db027985cdff542
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1
8b4cd984f84e69fb324579ccce514a950d27a39792daebbff0c4c33403cdbe99
8fec0d5196eb47b69161ca451738b358f1323b2fe9743e7438f777c8dd1cf24c
91b3b6f76d8fd6df93ca40b8bd91c2788ca1afb1d6159012770f6c6ce41d04e8
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9359d55c433519fe06127751f0888f14289b03ae888e4652098ddd4f7f2a81fc
9cfeb6c40f95f80700bffdfd637b4173fbf01578368e76b4be69d1ebe8fa12fb
9f1e529b4c2de15c4210443d84f04a166355f83cd972335c0be9cc6afdb76f45
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797
ba33b6d2718d63b3b2e0727e8bfd2a720979f1e704eb34581edb98881aca6596
c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224
c3b6c223c0511eaf1f4ff76ca25f587ec25867c17bbc6fcab4beeb041d7f216e
c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837
c86da726511b864b924e4da942ccd54d52eb28715961e7175ecdd240a6490f26
c9f3e7c0524c71cf199fb2cd276cde805b71088fcb49a90f8804ecd3b2f54753
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc83e8decbe1e95c39fd744e35b07e9f93fb4d36285ec20e9e1bfffe571473ca
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d3c2f409caabf0a0814b79b9472e0f433704aa79677cbec703e11fbfdfb13df2
d519535f8b351770fd7bee02443f4308f05a260b2d81713f61c370158b9cb901
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73f04e958918b7685244ad9830a29f53fd5e1ba8de93867408f4515609c5800
f10c9419e7ba95605eacfb639231b7af663ea40b738402e9e398ea02edb46cb0
f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118
f518e33de9d9c0c5850151264a00b65a7063907dfac3a7496524fc9a4c2a6366
f922f6fadcc115468259d3dfc834ade83fe0f6157cf837af790b3d476de8a379
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fc0a6c38fba1c841f15b1c8fc4b0ac42a9517458fd275ff13f4b739cdede18eb

promo2.usg24.com Open in urlscan Pro 2001:41d0:301:5::30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

40 %IPv6

8 Domains

9 Subdomains

11 IPs

5 Countries

3503 kBTransfer

4860 kBSize

13 Cookies

1 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo2.usg24.com Open in urlscan Pro
2001:41d0:301:5::30 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

40 %
IPv6

8
Domains

9
Subdomains

11
IPs

5
Countries

3503 kB
Transfer

4860 kB
Size

13
Cookies

67 HTTP transactions
1 data transactions