urlscan.io logo urlscan.io
SecurityTrails logo

promocpx.site Open in urlscan Pro
50.116.87.73  Public Scan

Go To Rescan Add Verdict Report
URL: https://promocpx.site/
Submission: On June 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 50.116.87.73, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is promocpx.site.
TLS certificate: Issued by R10 on June 27th 2024. Valid for: 3 months.
This is the only time promocpx.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 50.116.87.73 19871 (NETWORK-S...)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 2a04:4e42:200... 54113 (FASTLY)
3 20.114.189.70 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
13 104.18.3.36 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
24 8
2    50.116.87.73 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 50-116-87-73.unifiedlayer.com
promocpx.site
2    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
13    104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
1    2606:4700:3032::ac43:ce17 (United States)

ASN13335 (CLOUDFLARENET, US)
cpxfonts.cc
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
userstat.net
Apex Domain
Subdomains		 Transfer
13 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 17204
255 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
t.clarity.ms — Cisco Umbrella Rank: 7139
c.clarity.ms — Cisco Umbrella Rank: 1434
28 KB
2 promocpx.site
promocpx.site
79 KB
1 userstat.net
userstat.net — Cisco Umbrella Rank: 222499
702 B
1 cpxfonts.cc
cpxfonts.cc
67 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
767 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
7 KB
24 7
Domain Requested by
13 imagedelivery.net
3 t.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms promocpx.site
www.clarity.ms
2 promocpx.site promocpx.site
1 userstat.net promocpx.site
1 cpxfonts.cc
1 c.bing.com 1 redirects
1 cdn.jsdelivr.net promocpx.site
24 9

This site contains no links.

Subject Issuer Validity Valid
*.promocpx.site
R10		 2024-06-27 -
2024-09-25		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
imagedelivery.net
E5		 2024-06-25 -
2024-09-23		 3 months crt.sh
cpxfonts.cc
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
userstat.net
GTS CA 1P5		 2024-05-19 -
2024-08-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://promocpx.site/
Frame ID: 55E85FFE1364D784DBC9B577AD7BA20A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Raspadinha - CPX

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

96 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

435 kB
Transfer

691 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&RedC=c.clarity.ms&MXFR=0E1C3E1F9B7167F620452AB39F7169BF HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&MUID=2F7E775C98E26CF800D763F099696D7B

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promocpx.site/ 		1 KB
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://promocpx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.116.87.73 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-116-87-73.unifiedlayer.com
Software
Apache /
Resource Hash
5eb3edfd4535fc939f9a2d5c9fd7fe9751c1a2341fd757b40e1eb781d318cef8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
665
content-type
text/html
date
Fri, 28 Jun 2024 02:41:27 GMT
last-modified
Fri, 28 Jun 2024 00:59:00 GMT
server
Apache
vary
Accept-Encoding
mxlansf7rt
www.clarity.ms/tag/ 		637 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mxlansf7rt
Requested by
Host: promocpx.site
URL: https://promocpx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6430b15e7cf85b0b07d222ef048f99cad5efda4be4d612ff4fb7e9459f7a33eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 28 Jun 2024 02:41:27 GMT
x-azure-ref
20240628T024127Z-17d856f5577df8f64ty5gn2b4g0000000520000000009czn
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
disable-devtool
cdn.jsdelivr.net/npm/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool
Requested by
Host: promocpx.site
URL: https://promocpx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jun 2024 02:41:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
3780
x-jsd-version
0.3.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6741
x-served-by
cache-fra-eddf8230132-FRA
x-jsd-version-type
version
etag
W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
main.e9eab19c.js
promocpx.site/js/ 		195 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promocpx.site/js/main.e9eab19c.js
Requested by
Host: promocpx.site
URL: https://promocpx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.116.87.73 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-116-87-73.unifiedlayer.com
Software
Apache /
Resource Hash
f8e1e57f814efff4d6a72b44e2dddcaa0e9194e316ba9b303514aae0531c2d2e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 02:41:27 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 23:54:15 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mxlansf7rt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 02:41:27 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240628T024127Z-17d856f5577df8f64ty5gn2b4g0000000520000000009czq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
949203f2-601e-0050-0434-c2ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
t.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://promocpx.site
Date
Fri, 28 Jun 2024 02:41:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&RedC=c.clarity.ms&MXFR=0E1C3E1F9B7167F620452AB39F7169BF
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&MUID=2F7E775C98E26CF800D763F099696D7B
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&MUID=2F7E775C98E26CF800D763F099696D7B
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://promocpx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jun 2024 02:41:27 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 28 Jun 2024 02:41:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E24CBE3337DF4FC793B638BE7E2186B7 Ref B: FRA31EDGE0219 Ref C: 2024-06-28T02:41:28Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8EF37BF69E4F72A97F94486C8A58E9&MUID=2F7E775C98E26CF800D763F099696D7B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/b206ee7a-e094-460a-cb98-c20febfe4a00/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/b206ee7a-e094-460a-cb98-c20febfe4a00/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ef096aa0eae00e4009f57c74d2d63eb478a8743002fb0f21a2b6a1c52d087a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=471+102 c=17+251 v=2024.6.0 l=127116
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
127116
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfq-oac4GTSUkezY1U31DsGkBIfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8799250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6fa11bd7-f975-43b2-5bdb-f78e986d9500/ 		790 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6fa11bd7-f975-43b2-5bdb-f78e986d9500/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033f57b1988711b77adb74839715a8114c3b8b85bda300f93afca126e3624f78
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=34+0 c=0+3 v=2024.6.0 l=790
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
790
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfpMcHrIkQpy0P4K-4T25Z_D1hfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8709250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/c54ec8e9-cb27-4ac2-da3f-83b77ce7aa00/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/c54ec8e9-cb27-4ac2-da3f-83b77ce7aa00/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e357996deabb5c5733ac0778cc2b345f4608de2bd2c93d0b7aacf4ca83e1889
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=199+106 c=0+0 v=2024.6.0 l=15070
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
15070
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfCVbL6f1cY6iGCv2iavVQAaGnfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8769250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/550d7024-ab5e-40d8-eb45-19b7c898f400/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/550d7024-ab5e-40d8-eb45-19b7c898f400/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbdcbaa13dd392379209693f29002738ceb97d0a5d3e85d980f84023b9622c3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=555+0 c=0+0 v=2024.6.0 l=2019
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2019
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfHSOOpRM465EhgPDYhe_xYoXNfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8759250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6ef0d4f4-b087-485f-c951-55ff7a1fc200/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6ef0d4f4-b087-485f-c951-55ff7a1fc200/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7e6cd21c3cfba074b1250a5bf5fe82781191860d0ffd3807aab71bc769bbdb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1470+194 c=0+0 v=2024.6.0 l=30756
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfmglsaF89NglnnCtHbouqNXPofb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8789250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/d2b0899e-48ac-4c75-be8a-4445d54adf00/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/d2b0899e-48ac-4c75-be8a-4445d54adf00/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216a0e4f67c9e8fec5666defe0465bef497415d11060b0e3e82753139daff0bb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=852+196 c=0+0 v=2024.6.0 l=6798
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6798
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf9XNBTxuW_eXMYPyqeegBr_4Cfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8739250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/da5ac9a3-4e44-4e00-b113-753020d06100/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/da5ac9a3-4e44-4e00-b113-753020d06100/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9422841e630db29f4af7b39208e0ea4296183500f820b58c7b160c88ed8a89ef
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=909+316 c=0+0 v=2024.6.0 l=25407
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
25407
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfUvSc8xD4Hrkb0bPYSnPazOhlfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8729250-FRA
Gotham-Medium.otf
cpxfonts.cc/ 		165 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cpxfonts.cc/Gotham-Medium.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ce17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Origin
https://promocpx.site
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 02:41:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2024 13:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39b5ff14a54114e9ae92136578a0e2d3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S98O71P7j8ZcE60zfXCRhgqdacZsZAk5hywBTs4XBpyEj8HatUXSbVGrItRin2FztgB0X1EfGDiSiQo%2BlfcVv8NJ6XzigFwnxBLwyCUaCiZGMXZbfSGUCeg%2BiY2NVdArE%2BPMDhxliDwIxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
89aa5166dfad1a49-FRA
alt-svc
h3=":443"; ma=86400
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/66f8bf68-c14c-41f3-04f2-baf85e2e3300/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/66f8bf68-c14c-41f3-04f2-baf85e2e3300/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de127a0f23d141403afd5401c91af99e1a647a3533dccd90ead3dbd6e15d269c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Origin
https://promocpx.site
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=15+95 c=0+0 v=2024.6.0 l=26104
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
26104
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbeEG7QcStO4IZBYW0C5UoV8Qfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166efaa9079-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/facc3f40-008a-4a31-df80-f7ebaccc8600/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/facc3f40-008a-4a31-df80-f7ebaccc8600/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905d243959b218e266d815433a7a3b2e2b88cdb892b943224d11f2aa3b37e171
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=29+437 c=2+128 v=2024.6.0 l=13180
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
13180
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfyKEuChKC_z50yNtbGslTPGUWfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b87f9250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/4c30a653-0723-4e1e-2fe1-87dca8498600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/4c30a653-0723-4e1e-2fe1-87dca8498600/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2bfa2f60630636961f857ee99ce2b3a47ae23a508406bf2ede7e3d019b2ad6a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=218+0 c=0+43 v=2024.6.0 l=3185
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3185
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfgz-V_sSypRJ2DkV4796b_73bfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b8809250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/88cabebe-7696-45fa-3bc6-f3caeebec500/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/88cabebe-7696-45fa-3bc6-f3caeebec500/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfbae60e7a5c57e3695f67873dbef7d53501e08be5863e789c6544f92f099978
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1039+0 c=0+157 v=2024.6.0 l=2608
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2608
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfGzXm-y7eCDDQbgR7-tOJIrA9fb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b87e9250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/3c458750-f7be-41a4-cb47-5415d4a92900/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/3c458750-f7be-41a4-cb47-5415d4a92900/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceda42c1fac0ac6d7bc5a2dd167a36d069fd17060ec16b6db0c932b55577f02d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=184+0 c=0+34 v=2024.6.0 l=2599
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2599
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfMVFGDdfEaoJ1hiT65Hjh-kMvfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
89aa5166b87d9250-FRA
public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/8fc799a0-fd57-485d-e6e5-8d4ed431a200/ 		789 B
823 B 		Other
General
Check archive.org
Download Go to
Full URL
https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/8fc799a0-fd57-485d-e6e5-8d4ed431a200/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd6fc7d9bcbe681f66e3e120097ed56572da01185ca0814854fa52368cfd15e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=226+0 c=0+0 v=2024.6.0 l=789
date
Fri, 28 Jun 2024 02:41:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
imgq:0,h2pri
server
cloudflare
content-encoding
gzip
etag
W/"cfvykyI_46DdYpycPhSaQDcW94fb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-ray
89aa5166b8779250-FRA
alt-svc
h3=":443"; ma=86400
script.js
userstat.net/get/ 		129 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userstat.net/get/script.js?referrer=https://promocpx.site/
Requested by
Host: promocpx.site
URL: https://promocpx.site/js/main.e9eab19c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 02:41:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://promocpx.site
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCBDU8u3AUgUfek%2FOAHMAnCj6cvdL9KAnrMsoIv%2BRNql89jfFjOKa01EzXHX2j%2BQ2vMqG%2BT3kQlVN5TiGL9LYYNh1nFss%2BJqjyTZKjW1zkN7M4%2BLrNQzPdjiyzD6B%2Fw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
89aa516cddb79954-FRA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
collect
t.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://promocpx.site
Date
Fri, 28 Jun 2024 02:41:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
t.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://promocpx.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://promocpx.site
Date
Fri, 28 Jun 2024 02:41:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| clarity function| DisableDevtool string| __reactRouterVersion

11 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: bd38d733395f46c9a2b60a430cfaaec1.20240628.20250628
.promocpx.site/ Name: _clck
Value: 3qwfvb%7C2%7Cfn0%7C0%7C1640
promocpx.site/ Name: PHPREFS
Value: full
.bing.com/ Name: MUID
Value: 2F7E775C98E26CF800D763F099696D7B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2F7E775C98E26CF800D763F099696D7B
.promocpx.site/ Name: _clsk
Value: 1tqrn7i%7C1719542488285%7C1%7C1%7Ct.clarity.ms%2Fcollect
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F7E775C98E26CF800D763F099696D7B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cpxfonts.cc
imagedelivery.net
promocpx.site
t.clarity.ms
userstat.net
www.clarity.ms
104.18.3.36
13.74.129.1
188.114.96.3
20.114.189.70
2606:4700:3032::ac43:ce17
2620:1ec:bdf::60
2620:1ec:c11::237
2a04:4e42:200::485
50.116.87.73
033f57b1988711b77adb74839715a8114c3b8b85bda300f93afca126e3624f78
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
1fbdcbaa13dd392379209693f29002738ceb97d0a5d3e85d980f84023b9622c3
216a0e4f67c9e8fec5666defe0465bef497415d11060b0e3e82753139daff0bb
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
2e357996deabb5c5733ac0778cc2b345f4608de2bd2c93d0b7aacf4ca83e1889
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5eb3edfd4535fc939f9a2d5c9fd7fe9751c1a2341fd757b40e1eb781d318cef8
6430b15e7cf85b0b07d222ef048f99cad5efda4be4d612ff4fb7e9459f7a33eb
905d243959b218e266d815433a7a3b2e2b88cdb892b943224d11f2aa3b37e171
9422841e630db29f4af7b39208e0ea4296183500f820b58c7b160c88ed8a89ef
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
c2bfa2f60630636961f857ee99ce2b3a47ae23a508406bf2ede7e3d019b2ad6a
c3ef096aa0eae00e4009f57c74d2d63eb478a8743002fb0f21a2b6a1c52d087a
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c
ceda42c1fac0ac6d7bc5a2dd167a36d069fd17060ec16b6db0c932b55577f02d
dcd6fc7d9bcbe681f66e3e120097ed56572da01185ca0814854fa52368cfd15e
de127a0f23d141403afd5401c91af99e1a647a3533dccd90ead3dbd6e15d269c
dfbae60e7a5c57e3695f67873dbef7d53501e08be5863e789c6544f92f099978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8e1e57f814efff4d6a72b44e2dddcaa0e9194e316ba9b303514aae0531c2d2e
ff7e6cd21c3cfba074b1250a5bf5fe82781191860d0ffd3807aab71bc769bbdb