urlscan.io logo urlscan.io
SecurityTrails logo

promo.com Open in urlscan Pro
107.22.229.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Submission: On February 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 19 domains to perform 69 HTTP transactions. The main IP is 107.22.229.2, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is promo.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 19th 2019. Valid for: a year.
This is the only time promo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    107.22.229.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-229-2.compute-1.amazonaws.com
promo.com
29    2a02:26f0:11a:190::3272 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
ak02-promo-cdn.slidely.com
ak04-promo-cdn.slidely.com
ak01-promo-cdn.slidely.com
1    2a04:4e42:600::729 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    143.204.202.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-3.fra53.r.cloudfront.net
snippet.growsumo.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
8    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    130.211.33.203 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 203.33.211.130.bc.googleusercontent.com
grsm.io
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    35.186.241.51 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    143.204.202.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-65.fra53.r.cloudfront.net
widget.intercom.io
3    143.204.202.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-38.fra53.r.cloudfront.net
js.intercomcdn.com
1    99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Domain Requested by
17 ak01-promo-cdn.slidely.com promo.com
ak02-promo-cdn.slidely.com
9 ak04-promo-cdn.slidely.com promo.com
9 promo.com 1 redirects promo.com
cdn.ravenjs.com
8 connect.facebook.net ak04-promo-cdn.slidely.com
connect.facebook.net
4 api-js.mixpanel.com cdn.ravenjs.com
cdn.mxpnl.com
3 js.intercomcdn.com js.intercomcdn.com
3 www.google.com 1 redirects ak04-promo-cdn.slidely.com
3 ak02-promo-cdn.slidely.com promo.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.facebook.com cdn.ravenjs.com
connect.facebook.net
2 cdn.mxpnl.com ak04-promo-cdn.slidely.com
2 fonts.googleapis.com promo.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 www.google.de promo.com
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com promo.com
1 www.gstatic.com www.google.com
1 grsm.io cdn.ravenjs.com
1 static.ads-twitter.com promo.com
1 snippet.growsumo.com promo.com
1 cdn.ravenjs.com promo.com
69 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
support.promo.com
Subject Issuer Validity Valid
*.promo.com
Go Daddy Secure Certificate Authority - G2		 2019-10-19 -
2020-12-18		 a year crt.sh
*.slidely.com
Go Daddy Secure Certificate Authority - G2		 2020-02-04 -
2022-02-13		 2 years crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-12-19 -
2020-12-18		 a year crt.sh
*.growsumo.com
Amazon		 2020-01-01 -
2021-02-01		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.grsm.io
AlphaSSL CA - SHA256 - G2		 2017-11-20 -
2020-11-20		 3 years crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.mixpanel.com
RapidSSL RSA CA 2018		 2018-01-11 -
2020-05-01		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.intercomcdn.com
Amazon		 2019-04-27 -
2020-05-27		 a year crt.sh
*.intercom.com
Amazon		 2019-06-11 -
2020-07-11		 a year crt.sh

This page contains 3 frames:

Primary Page: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Frame ID: 1204CBE03795FD45C55B94169E2C3471
Requests: 41 HTTP requests in this frame

Frame: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Frame ID: B0A04808C75AA9870A7D265CBDEB76BC
Requests: 25 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3e18b733.js
Frame ID: 92BBB955E8C10127A637368856F2D8C0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

69
Requests

100 %
HTTPS

60 %
IPv6

19
Domains

22
Subdomains

18
IPs

5
Countries

3633 kB
Transfer

15007 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://promo.com/register?client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&display=popup&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt HTTP 302
  • https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Request Chain 49
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=321327797&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.com%2Fregister%3Fdisplay%3Dpopup%26client_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D%26ref%3D%252Foauth%252Fuser%252Fauthorize%253Fclient_id%253Durxv8d28amfectar7vftir0z00xtvzn3bp%2526state%253DwWneEG9gANTscB4NNi0ddxETg69EXPPt%2526response_type%253Dtoken%2526oauth%253Dtrue%2526email%253D&ul=en-us&de=UTF-8&dt=Slidely%20-%20The%20%231%20Visual%20Content%20Creation%20Platform%2C%20Maker%20of%20Promo&sd=24-bit&sr=1600x1200&vp=554x590&je=0&_u=IEBAAUAB~&jid=946965984&gjid=82834015&cid=438429201.1582460141&tid=UA-17257037-7&_gid=1399199603.1582460141&_r=1&gtm=2ou2c0&z=1180679210 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_gid=1399199603.1582460141&gjid=82834015&_v=j81&z=1180679210 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210&slf_rd=1&random=1866438632
Request Chain 64
  • https://widget.intercom.io/widget/van22wlo HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set create
promo.com/ 		337 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef27ea408ac2e91a7b987a439ef12b3cc74c1ede04175af97139a5b1a1ee94d3

Request headers

Host
promo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Feb 2020 12:15:39 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3p
CP="CAO PSA OUR"
Pragma
no-cache
Server
nginx/1.10.3 (Ubuntu)
Set-Cookie
EZSESSID=k1d8i977ttmk5ja74g3vljibgt; expires=Sun, 01-Mar-2020 12:36:39 GMT; Max-Age=606060; path=/ urn=68; expires=Tue, 24-Mar-2020 12:15:39 GMT; Max-Age=2592000; path=/ tid=60220210; expires=Tue, 24-Mar-2020 12:15:39 GMT; Max-Age=2592000; path=/; domain=.promo.com
transfer-encoding
chunked
Connection
keep-alive
layout.webapp.bundle.css
ak02-promo-cdn.slidely.com/1582457750/dist/ 		162 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ddbbcb8d17ed65b8835bc01d4e46bd218f40acb42d0c96b12d71886ebe5e14d8

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31535223
accept-ranges
bytes
content-length
26929
expires
Mon, 22 Feb 2021 12:02:42 GMT
raven.min.js
cdn.ravenjs.com/3.16.1/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.16.1/raven.min.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d97baf01955ff48b9b4ef81767c04fdd51f788719b1749cba12ec357da5dc493

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Fri, 30 Jun 2017 07:20:01 GMT
server
Fastly
age
22902
etag
"225e2372ec0a09cd607db28ecf942cfd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9638
create.bundle.css
ak04-promo-cdn.slidely.com/1582457750/dist/ 		737 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak04-promo-cdn.slidely.com/1582457750/dist/create.bundle.css
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
bfa04d008fb6554d9305620c1b1a3446d075c6c4bff73cb381d25417dd291a8f

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31535304
accept-ranges
bytes
content-length
104862
expires
Mon, 22 Feb 2021 12:04:03 GMT
recaptcha-popup.scss
ak04-promo-cdn.slidely.com/1582457750/scss/applications/promoVideos/ 		201 B
447 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak04-promo-cdn.slidely.com/1582457750/scss/applications/promoVideos/recaptcha-popup.scss
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9e595822c1835f48278902ad6e937a1139c7292bc78e90983c81d6f86f80dd0a

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:39 GMT
last-modified
Sun, 23 Feb 2020 12:03:28 GMT
server
nginx/1.10.3 (Ubuntu)
etag
4d391a54db4eb449d6320727cec538f0
x-scss-cache
true
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31448126
content-type
text/css;charset=UTF-8
content-length
201
expires
Sun, 21 Feb 2021 11:51:05 GMT
sdk.js
promo.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.com/sdk.js?ver=1582457750
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6120081e1022244bc17dde0b0b7c705147e7b5bbcf68b76c38f95d1010c10ca3

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:39 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Content-Length
2431
Expires
Thu, 19 Nov 1981 08:52:00 GMT
babelPolyfill.bundle.js
ak02-promo-cdn.slidely.com/1582457750/dist/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/1582457750/dist/babelPolyfill.bundle.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ce1bfb2d7662b9e570508db426d50e5bd2964af80131ccfa705fffc6c4397b62

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535318
accept-ranges
bytes
content-length
797
expires
Mon, 22 Feb 2021 12:04:17 GMT
vendors-webapp-chunk.js
ak02-promo-cdn.slidely.com/1582457750/dist/ 		6 MB
805 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/1582457750/dist/vendors-webapp-chunk.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
78cdf14650838d1324b9b0023069cfa54bcd2f6a47fb88c6ea57f41cc01b554d

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535294
accept-ranges
bytes
content-length
822730
expires
Mon, 22 Feb 2021 12:03:53 GMT
promo-common-webapp-chunk.js
ak04-promo-cdn.slidely.com/1582457750/dist/ 		2 MB
576 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6f48ae3a1bcf7a513d348336b094dd9b3997beb7c4d700bc9bc5240b06a45df9

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535169
accept-ranges
bytes
expires
Mon, 22 Feb 2021 12:01:48 GMT
layout.webapp.bundle.js
ak04-promo-cdn.slidely.com/1582457750/dist/ 		127 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak04-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8a936a09a86188b00bff1257b55151323b95d58d89b1c7290c8f218d592219ad

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535224
accept-ranges
bytes
content-length
28764
expires
Mon, 22 Feb 2021 12:02:43 GMT
create.bundle.js
ak01-promo-cdn.slidely.com/1582457750/dist/ 		1022 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/dist/create.bundle.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7329650e1ce54258b2aeb57ceb15447f15cac581870fa55aa949655637c1be1b

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:53:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535218
accept-ranges
bytes
expires
Mon, 22 Feb 2021 12:02:37 GMT
growsumo.min.js
snippet.growsumo.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.growsumo.com/growsumo.min.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-3.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4548fa8e9c908c9c68bf27038f295601892358c27ff3fc579bc6c46e4050b918

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 22 Feb 2020 17:12:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Dec 2018 21:00:45 GMT
Server
AmazonS3
Age
68586
ETag
"74a582f7416e6c3e23b0f1db51aa09d5"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
Cache-Control
max-age=592200, s-max-age=2368800, no-transform, public
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1252
X-Amz-Cf-Id
rmB_4sXD3EdB_51E_J3xK0ZTk4w6vUlY7Vhtm8FuYwMe3kTrkQN_Hg==
css
fonts.googleapis.com/ 		2 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 12:15:39 GMT
server
ESF
date
Sun, 23 Feb 2020 12:15:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 12:15:39 GMT
logo_w2.svg
ak04-promo-cdn.slidely.com/images/promoVideos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak04-promo-cdn.slidely.com/images/promoVideos/logo_w2.svg
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5a124b6e29e0a373cf9adec6a50dc96741aad09e9bd26caaf50f25621eb1788c

Request headers

Referer
https://ak04-promo-cdn.slidely.com/1582457750/dist/create.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 12:27:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=30465195
accept-ranges
bytes
content-length
2807
expires
Wed, 10 Feb 2021 02:48:54 GMT
Black-Foundry-Wes-FY-Medium.ttf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/ 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556918
accept-ranges
bytes
content-length
89028
expires
Mon, 22 Feb 2021 18:04:17 GMT
Black-Foundry-Wes-FY-Bold.ttf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/ 		81 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/Black-Foundry-Wes-FY-Bold.ttf
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556877
accept-ranges
bytes
content-length
83432
expires
Mon, 22 Feb 2021 18:03:36 GMT
icomoon.ttf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/all-icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/all-icons/icomoon.ttf
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
495a890e80ef117a67c6870361f457abee5301a4c21c45553476b6936992595b

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556841
accept-ranges
bytes
content-length
33560
expires
Mon, 22 Feb 2021 18:03:00 GMT
session
promo.com/data/user/ 		136 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/data/user/session
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0c5371490d5544f9d17b997fe6ac0c859b89df29fbf84afeaea484ddbc18e8f8

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:39 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
131
Expires
Thu, 19 Nov 1981 08:52:00 GMT
logo_w.svg
ak04-promo-cdn.slidely.com/images/promoVideos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak04-promo-cdn.slidely.com/images/promoVideos/logo_w.svg
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ac70434607d29196fde4a7049e39c5db00a184114daaa4c61776d1217b1f7e31

Request headers

Referer
https://ak04-promo-cdn.slidely.com/1582457750/dist/create.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 12:27:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=30465183
accept-ranges
bytes
content-length
2975
expires
Wed, 10 Feb 2021 02:48:42 GMT
ProximaNova-Light.otf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/proxima/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/proxima/ProximaNova-Light.otf
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:39 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556912
accept-ranges
bytes
content-length
62968
expires
Mon, 22 Feb 2021 18:04:11 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 11:40:11 GMT
content-encoding
gzip
age
2128
status
200
x-guploader-uploadid
AEnB2UpgFj5VKBvl1sak5TxgfSDIfEROf9gsTBg24Kej9W7yN1NcWSMdOJBK0Jm16ZOnJqJP5CNu6abaDNayoMsDbScR-HNXeA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24310
last-modified
Wed, 05 Feb 2020 00:17:19 GMT
server
UploadServer
etag
"77f71aec224927ea65e55fb94c97632f"
vary
Accept-Encoding
x-goog-hash
crc32c=d/v9hw==, md5=d/ca7CJJJ+pl5V+5TJdjLw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1580861839915277
cache-control
public,max-age=86400
x-goog-stored-content-length
24310
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 24 Feb 2020 11:40:11 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2be5a786f602cfed77db4af94eb9a1776029df03ac217567000828bd3af0e4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6L1k5/7CLSz1qdu86UIgOA==
status
200
date
Sun, 23 Feb 2020 12:15:39 GMT, Sun, 23 Feb 2020 12:15:39 GMT
expires
Sun, 23 Feb 2020 12:33:58 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1777
x-fb-debug
SYij+3nyZ9mQgh2NZA8oiuiKcrQIJAcc9t6kB3EUFGj0jhRqEuA2cw4cV99SB09N3YOytJv4CLTdpmiJxpbfUA==
x-fb-trip-id
420120009
x-fb-content-md5
8018d792ed37a4ae1c5aa9aa76d7644d
etag
"d9ee619807a1fa61afe21b59713fdc1f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
PPbsqzG1rLpHeH2m0V2W9jRuZex3uClNuVVOHogrCNZTTobLftYg6S3ySYumRQRJYnb6fsfQOtv4UlXwCAMq+Q==
x-fb-trip-id
420120009
date
Sun, 23 Feb 2020 12:15:39 GMT, Sun, 23 Feb 2020 12:15:39 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		734 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recpatchaOnLoad&render=explicit&_=1582460139957
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04076e330279f5f08ba3a63e4d92162eb27ecd940c506cb8050f85240f16acbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
470
x-xss-protection
1; mode=block
expires
Sun, 23 Feb 2020 12:15:40 GMT
should-show-cookies-policy-popup
promo.com/promoVideos/data/ 		67 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/promoVideos/data/should-show-cookies-policy-popup
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ba9a378a7d3f8d216aea38a292a0310591e322f104690110de8936afc2416007

Request headers

Accept
*/*
Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:40 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
79
Expires
Thu, 19 Nov 1981 08:52:00 GMT
session
promo.com/data/user/ 		136 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/data/user/session
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0c5371490d5544f9d17b997fe6ac0c859b89df29fbf84afeaea484ddbc18e8f8

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:40 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
131
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ProximaNova-Regular.otf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/proxima/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/proxima/ProximaNova-Regular.otf
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/1582457750/dist/vendors-webapp-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556861
accept-ranges
bytes
content-length
62892
expires
Mon, 22 Feb 2021 18:03:21 GMT
api.js
www.google.com/recaptcha/ 		734 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recpatchaOnLoad&render=explicit&_=1582460140063
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/promo-common-webapp-chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04076e330279f5f08ba3a63e4d92162eb27ecd940c506cb8050f85240f16acbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
470
x-xss-protection
1; mode=block
expires
Sun, 23 Feb 2020 12:15:40 GMT
get-share-options
promo.com/data/promo-videos/ 		32 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/data/promo-videos/get-share-options
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
982a7df12faf54fd0e70c95b2de2b646e5cfbec8e85abc95b5a5fa50e7f30476

Request headers

Accept
*/*
Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:40 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
52
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cookie set register
promo.com/ Frame B0A0
Redirect Chain
  • https://promo.com/register?client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&display=popup&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt
  • https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3F...
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Requested by
Host: promo.com
URL: https://promo.com/sdk.js?ver=1582457750
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b49cdd80f5c7ff7478698fadf83f24a8ef09aecbd5a77d8bf8f3d4dd37f5f28d

Request headers

Host
promo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
EZSESSID=k1d8i977ttmk5ja74g3vljibgt; urn=68; tid=60220210; ezRI=%7B%22source%22%3A%22organicdirect%22%2C%22lang%22%3A%22en%22%7D; mp_e7d2894fb113ce2e99d62bcfd0f0a3f0_mixpanel=%7B%22distinct_id%22%3A%20%2217071f97b018dc-03f0f238f07e5c-37647e03-1d4c00-17071f97b0299e%22%2C%22%24device_id%22%3A%20%2217071f97b018dc-03f0f238f07e5c-37647e03-1d4c00-17071f97b0299e%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Feb 2020 12:15:40 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3p
CP="CAO PSA OUR"
Pragma
no-cache
Server
nginx/1.10.3 (Ubuntu)
Set-Cookie
tid=60220210; expires=Tue, 24-Mar-2020 12:15:40 GMT; Max-Age=2592000; path=/; domain=.promo.com
Content-Length
4897
Connection
keep-alive

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Feb 2020 12:15:40 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
P3p
CP="CAO PSA OUR"
Pragma
no-cache
Server
nginx/1.10.3 (Ubuntu)
Set-Cookie
tid=60220210; expires=Tue, 24-Mar-2020 12:15:40 GMT; Max-Age=2592000; path=/; domain=.promo.com
Content-Length
0
Connection
keep-alive
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
age
14516
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4046-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1582460140.350943,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
dummy-bg-v2.jpg
ak04-promo-cdn.slidely.com/images/promoVideos/wizard/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak04-promo-cdn.slidely.com/images/promoVideos/wizard/dummy-bg-v2.jpg
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
81a10f4e61dfbe306c461e05d3986da7638f63f5fb11072cdbdeface85c3c100

Request headers

Referer
https://ak04-promo-cdn.slidely.com/1582457750/dist/create.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Mon, 10 Feb 2020 12:27:04 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5e414c18-30099"
content-type
image/jpeg
status
200
cache-control
max-age=30465191
accept-ranges
bytes
content-length
196761
expires
Wed, 10 Feb 2021 02:48:51 GMT
pk_esbKqgLPsPyYJCz0Nm1zHmjs7A01ilt1
grsm.io/pr/gpk/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grsm.io/pr/gpk/pk_esbKqgLPsPyYJCz0Nm1zHmjs7A01ilt1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.33.203 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.33.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
via
1.1 google
status
200
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://promo.com
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
alt-svc
clear
content-length
0
Black-Foundry-Wes-FY-Regular.ttf
ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457964003/dist/fonts/public/fonts/wes-fy/Black-Foundry-Wes-FY-Regular.ttf
Requested by
Host: promo.com
URL: https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
896faeed883c92f039329aacdec4abf6dd60752b10ee18af10262985bba2862b

Request headers

Referer
https://ak02-promo-cdn.slidely.com/1582457750/dist/layout.webapp.bundle.css
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Sun, 23 Feb 2020 11:53:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556894
accept-ranges
bytes
content-length
97864
expires
Mon, 22 Feb 2021 18:03:54 GMT
sdk.js
connect.facebook.net/en_US/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=5996ab0efcd6720b6adeea1b3e6806ec&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94c9d259d672eec9df74d7eec99b2ef0dc5f6405ed70441a35877671e198ebc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tgkTJm5N39xBwwhiv1qdpw==
status
200
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
expires
Mon, 22 Feb 2021 11:09:08 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59650
x-fb-debug
E3aWnDe/MEkDgPJLmYi21+fEPvqZkGrBA8wIYroNjhyZZ2gNOf11XgL1kqtt8v5sKmnQ1xHdtjRUs6rOS63wfw==
x-fb-trip-id
420120009
x-fb-content-md5
406d5299bbb3f9d94e8eb47842d8622e
etag
"6cdb5a3a1423db9c3deec2f26af4577b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
recaptcha__en.js
www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/ 		259 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recpatchaOnLoad&render=explicit&_=1582460139957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
327358936ae1faca746b38258cde21f2574d062dc6f939a8b9fcfa8e2adfc9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 17:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Feb 2020 05:05:57 GMT
server
sffe
age
412943
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94999
x-xss-protection
0
expires
Wed, 17 Feb 2021 17:33:17 GMT
/
api-js.mixpanel.com/decide/ 		65 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=e7d2894fb113ce2e99d62bcfd0f0a3f0&ip=1&_=1582460140293
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://promo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api-js.mixpanel.com/track/ 		1 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1582460140296
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://promo.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
712371922135655
connect.facebook.net/signals/config/ 		448 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/712371922135655?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11993df492c792aea6bdf50758da70ea37ed31bf0d7496b9f7247309e920c087
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
x9g47EPHI7c2I6c+TJ4PUe2L5OupiWnFWRycG6TbLOIbMRjWpWXahT768BkPYWqGgy1GSWTel+ZCEHuDQygjFg==
x-fb-trip-id
420120009
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=255083304564274&input_token&origin=1&redirect_uri=https%3A%2F%2Fpromo.com%2Fcreate%3Fmode%3Dsearch%26keyword%3Dcook%2520a%2520salad%26sort_order%3Dbest_match%26type%3Dfree&sdk=joey&wants_cookie_data=true
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.com/
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
bnSg7TOyDt4tPaEtqqCsmv11cnaDMSXnobpwhQlZxOZ3F/AfhlCbeha78CP1bH5S22ALk+VXDLvYOro5u0t9SA==
fb-s
unknown
status
200
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://promo.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame B0A0 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17257037-7
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae853246332aa2ff73b5fb4584b0f3ce5a24a117f95731e7e789b7f9a4c3ec61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28493
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 23 Feb 2020 12:15:40 GMT
login-ext-register.scss
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/ Frame B0A0 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/login-ext-register.scss
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
877d7be37d631c517ce23dbf6017ff632c874acfd040dfcdac4b00d5ca3a862d

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
fa0bcd4131ae550629cf86ac4dec25db
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31037382
x-scss-cache
true
content-type
text/css;charset=UTF-8
content-length
4595
expires
Tue, 16 Feb 2021 17:45:22 GMT
css
fonts.googleapis.com/ Frame B0A0 		12 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af09b9bd74ea15400b5bcd12eaade61868a20163a6ed7cc4f61f884bd921e0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 12:15:40 GMT
server
ESF
date
Sun, 23 Feb 2020 12:15:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 12:15:40 GMT
loginRegister.bundle.js
ak04-promo-cdn.slidely.com/1582457750/dist/ Frame B0A0 		321 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak04-promo-cdn.slidely.com/1582457750/dist/loginRegister.bundle.js
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3fb1f231075b5aff00eee9c7c23422c6ae5a5dd5733de4093b1c9ab436e7238e

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 11:42:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31535294
accept-ranges
bytes
content-length
102743
expires
Mon, 22 Feb 2021 12:03:54 GMT
analytics.js
www.google-analytics.com/ Frame B0A0 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17257037-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1630
date
Sun, 23 Feb 2020 11:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Sun, 23 Feb 2020 13:48:30 GMT
mixins
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/ Frame B0A0 		34 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/mixins
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
50974b00b631c83e2d38604c24431cb6
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31345905
content-type
text
content-length
54
expires
Sat, 20 Feb 2021 07:27:25 GMT
functions
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/ Frame B0A0 		34 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/functions
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
8ea40e559842f0f304e15158d131ac79
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31463403
content-type
text
content-length
54
expires
Sun, 21 Feb 2021 16:05:43 GMT
sprites
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/ Frame B0A0 		34 B
291 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/sprites
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
502f2ab0021a83efa13f3a8e0fc85105
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31142332
content-type
text
content-length
54
expires
Wed, 17 Feb 2021 22:54:32 GMT
colors-mobile
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/ Frame B0A0 		34 B
291 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/colors-mobile
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
2722d5ece092745170f3be2d1b480120
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31084954
content-type
text
content-length
54
expires
Wed, 17 Feb 2021 06:58:14 GMT
fonts-mobile
ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/ Frame B0A0 		34 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/public/scss/fonts-mobile
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Sun, 23 Feb 2020 12:04:07 GMT
server
nginx/1.10.3 (Ubuntu)
etag
3a949eb9d699d9b3602a842808489c09
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
cache-control
public, max-age=31392063
content-type
text
content-length
54
expires
Sat, 20 Feb 2021 20:16:43 GMT
ga-audiences
www.google.de/ads/ Frame B0A0
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=321327797&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.com%2Fregister%3Fdisplay%3Dpopup%26client_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_gid=1399199603.1582460141&gjid=82834015&_v=j81&z=1180679210
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210&slf_rd=1&random=1866438632
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210&slf_rd=1&random=1866438632
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Feb 2020 12:15:40 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Feb 2020 12:15:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17257037-7&cid=438429201.1582460141&jid=946965984&_v=j81&z=1180679210&slf_rd=1&random=1866438632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ Frame B0A0 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/loginRegister.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 11:40:11 GMT
content-encoding
gzip
age
2129
status
200
x-guploader-uploadid
AEnB2UpgFj5VKBvl1sak5TxgfSDIfEROf9gsTBg24Kej9W7yN1NcWSMdOJBK0Jm16ZOnJqJP5CNu6abaDNayoMsDbScR-HNXeA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24310
last-modified
Wed, 05 Feb 2020 00:17:19 GMT
server
UploadServer
etag
"77f71aec224927ea65e55fb94c97632f"
vary
Accept-Encoding
x-goog-hash
crc32c=d/v9hw==, md5=d/ca7CJJJ+pl5V+5TJdjLw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1580861839915277
cache-control
public,max-age=86400
x-goog-stored-content-length
24310
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 24 Feb 2020 11:40:11 GMT
sdk.js
connect.facebook.net/en_US/ Frame B0A0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/loginRegister.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2be5a786f602cfed77db4af94eb9a1776029df03ac217567000828bd3af0e4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6L1k5/7CLSz1qdu86UIgOA==
status
200
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
expires
Sun, 23 Feb 2020 12:33:58 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1777
x-fb-debug
SYij+3nyZ9mQgh2NZA8oiuiKcrQIJAcc9t6kB3EUFGj0jhRqEuA2cw4cV99SB09N3YOytJv4CLTdpmiJxpbfUA==
x-fb-trip-id
420120009
x-fb-content-md5
8018d792ed37a4ae1c5aa9aa76d7644d
etag
"d9ee619807a1fa61afe21b59713fdc1f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/ Frame B0A0 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1582457750/dist/loginRegister.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
PPbsqzG1rLpHeH2m0V2W9jRuZex3uClNuVVOHogrCNZTTobLftYg6S3ySYumRQRJYnb6fsfQOtv4UlXwCAMq+Q==
x-fb-trip-id
420120009
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
grey.gif
ak04-promo-cdn.slidely.com/images/ Frame B0A0 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak04-promo-cdn.slidely.com/images/grey.gif
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Mon, 10 Feb 2020 12:27:04 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5e414c18-2b"
content-type
image/gif
status
200
cache-control
max-age=30465173
accept-ranges
bytes
content-length
43
expires
Wed, 10 Feb 2021 02:48:33 GMT
Black-Foundry-Wes-FY-Medium.ttf
ak01-promo-cdn.slidely.com/1582457750/fonts/wes-fy/ Frame B0A0 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457

Request headers

Referer
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/login-ext-register.scss
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Sun, 23 Feb 2020 11:36:55 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556901
accept-ranges
bytes
content-length
89028
expires
Mon, 22 Feb 2021 18:04:01 GMT
logo_w2.svg
ak01-promo-cdn.slidely.com/images/promoVideos/ Frame B0A0 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak01-promo-cdn.slidely.com/images/promoVideos/logo_w2.svg
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5a124b6e29e0a373cf9adec6a50dc96741aad09e9bd26caaf50f25621eb1788c

Request headers

Referer
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/login-ext-register.scss
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 12:27:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=30465194
accept-ranges
bytes
content-length
2807
expires
Wed, 10 Feb 2021 02:48:54 GMT
Black-Foundry-Wes-FY-Regular.ttf
ak01-promo-cdn.slidely.com/1582457750/fonts/wes-fy/ Frame B0A0 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/fonts/wes-fy/Black-Foundry-Wes-FY-Regular.ttf
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
896faeed883c92f039329aacdec4abf6dd60752b10ee18af10262985bba2862b

Request headers

Referer
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/login-ext-register.scss
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Sun, 23 Feb 2020 11:36:55 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/octet-stream
status
200
cache-control
public, max-age=31556872
accept-ranges
bytes
content-length
97864
expires
Mon, 22 Feb 2021 18:03:32 GMT
icomoon.woff
ak01-promo-cdn.slidely.com/1582457750/fonts/all-icons/ Frame B0A0 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak01-promo-cdn.slidely.com/1582457750/fonts/all-icons/icomoon.woff?mjyjy6
Requested by
Host: promo.com
URL: https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a:190::3272 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0ca9686406a0d797d071f4e251a2e9fb7d17e594e0a922c6cc4c4c362d2b4c15

Request headers

Referer
https://ak01-promo-cdn.slidely.com/1582457750/scss/applications/slidesong/login-ext-register.scss
Origin
https://promo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
last-modified
Sun, 23 Feb 2020 11:36:55 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-type
application/font-woff
status
200
cache-control
public, max-age=31556918
accept-ranges
bytes
content-length
33636
expires
Mon, 22 Feb 2021 18:04:18 GMT
sdk.js
connect.facebook.net/en_US/ Frame B0A0 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=5996ab0efcd6720b6adeea1b3e6806ec&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94c9d259d672eec9df74d7eec99b2ef0dc5f6405ed70441a35877671e198ebc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Origin
https://promo.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tgkTJm5N39xBwwhiv1qdpw==
status
200
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
expires
Mon, 22 Feb 2021 11:09:08 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59650
x-fb-debug
E3aWnDe/MEkDgPJLmYi21+fEPvqZkGrBA8wIYroNjhyZZ2gNOf11XgL1kqtt8v5sKmnQ1xHdtjRUs6rOS63wfw==
x-fb-trip-id
420120009
x-fb-content-md5
406d5299bbb3f9d94e8eb47842d8622e
etag
"6cdb5a3a1423db9c3deec2f26af4577b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
api-js.mixpanel.com/decide/ Frame B0A0 		65 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=e7d2894fb113ce2e99d62bcfd0f0a3f0&ip=1&_=1582460140648
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://promo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api-js.mixpanel.com/track/ Frame B0A0 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1582460140649
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Feb 2020 12:15:40 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://promo.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
712371922135655
connect.facebook.net/signals/config/ Frame B0A0 		448 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/712371922135655?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11993df492c792aea6bdf50758da70ea37ed31bf0d7496b9f7247309e920c087
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/register?display=popup&client_id=urxv8d28amfectar7vftir0z00xtvzn3bp&state=wWneEG9gANTscB4NNi0ddxETg69EXPPt&response_type=token&oauth=true&email=&ref=%2Foauth%2Fuser%2Fauthorize%3Fclient_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
115282
x-xss-protection
0
pragma
public
x-fb-debug
x9g47EPHI7c2I6c+TJ4PUe2L5OupiWnFWRycG6TbLOIbMRjWpWXahT768BkPYWqGgy1GSWTel+ZCEHuDQygjFg==
x-fb-trip-id
420120009
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
status
www.facebook.com/x/oauth/ Frame B0A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fpromo.com&client_id=255083304564274&input_token&origin=1&redirect_uri=https%3A%2F%2Fpromo.com%2Fregister%3Fdisplay%3Dpopup%26client_id%3Durxv8d28amfectar7vftir0z00xtvzn3bp%26state%3DwWneEG9gANTscB4NNi0ddxETg69EXPPt%26response_type%3Dtoken%26oauth%3Dtrue%26email%3D%26ref%3D%252Foauth%252Fuser%252Fauthorize%253Fclient_id%253Durxv8d28amfectar7vftir0z00xtvzn3bp%2526state%253DwWneEG9gANTscB4NNi0ddxETg69EXPPt%2526response_type%253Dtoken%2526oauth%253Dtrue%2526email%253D&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5996ab0efcd6720b6adeea1b3e6806ec&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.com/
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
2ZVMWm83/r2ioEf9/4RJ24FtQXPrG8FMeadMORsKBiOkH3NeG5skMQl+HcIXhFALGWs61LbfAXa6rO/kR5Pf8A==
fb-s
unknown
status
200
date
Sun, 23 Feb 2020 12:15:40 GMT, Sun, 23 Feb 2020 12:15:40 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://promo.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
check-payment-error
promo.com/data/billing/ 		2 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/data/billing/check-payment-error
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-229-2.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Feb 2020 12:15:40 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
P3p
CP="CAO PSA OUR"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
22
Expires
Thu, 19 Nov 1981 08:52:00 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/van22wlo
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-38.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a47940fea97559a5b7fedb5e5863155139c38aee916d5dde778b3380c2a6085

Request headers

Referer
https://promo.com/create?mode=search&keyword=cook%20a%20salad&sort_order=best_match&type=free
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 12:14:01 GMT
content-encoding
gzip
age
101
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2872
last-modified
Fri, 21 Feb 2020 15:40:34 GMT
server
AmazonS3
etag
"76a4b63bf94006bb7299e56c55386618"
content-type
application/javascript; charset=UTF-8
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
bvf9keKGnJCWKKP4UimqtukCKFTew8-zL5hXIVrER96oJpnkH5-A4g==

Redirect headers

date
Fri, 21 Feb 2020 19:12:14 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server
AmazonS3
age
147807
location
https://js.intercomcdn.com/shim.latest.js
x-cache
Hit from cloudfront
status
302
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
J5Xrh_TjnBdThRZyTP8znwKzPqmto9X8NhmQ7U_Bk5zgS8pJijt77g==
frame-modern.3e18b733.js
js.intercomcdn.com/ Frame 92BB 		261 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3e18b733.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-38.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
352957ca5af284f47e90f5975473ce9c809cfbeaa0c7ed81f09639a53335ed26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:40:39 GMT
content-encoding
gzip
age
5760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
74492
last-modified
Fri, 21 Feb 2020 15:29:00 GMT
server
AmazonS3
etag
"fe1a0baebbd1d24822e03b4a983b5bb4"
content-type
application/javascript; charset=UTF-8
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
Yi3y6m2Q25K0FRoBKb06bNsEoE_pPujCpUdffSYVFpkud5l-BKsqzA==
vendor-modern.9e5e6b6d.js
js.intercomcdn.com/ Frame 92BB 		413 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.9e5e6b6d.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-38.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55176e8628123550ce4c4c7aea39900a99d20df008f20f930afb5300409bb11b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 11:58:26 GMT
content-encoding
gzip
age
1069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
128387
last-modified
Fri, 21 Feb 2020 11:29:43 GMT
server
AmazonS3
etag
"d955c5749fdc3420c4958805d25bc986"
content-type
application/javascript; charset=UTF-8
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
W97GSUEZF2ybhoxkxJL-7GW2w306TfUmD-VY6c9DPckiIQwr0fmnxg==
ping
api-iam.intercom.io/messenger/web/ Frame 92BB 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3e18b733.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
64420573687741aee3bdc4066c890f621e961c6fffabbc95e6c965e8a9e4e49f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://promo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Feb 2020 12:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0002oin3g7qljfgkeou0
x-runtime
0.625026
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"64420573687741aee3bdc4066c890f62"
x-ratelimit-remaining
1955
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo.com
x-intercom-version
61f9119f3ef2fa088c379244714504ed43b580a9
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1582460160
x-ratelimit-limit
2000
access-control-allow-headers
Content-Type

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| localStorageCookiePolicyAccepted boolean| isReportingDisabledByGdpr object| Raven undefined| gtag boolean| ga-disable-UA-17257037-18 boolean| ga-disable-AW-854643498 boolean| ga-disable-AW-854658101 undefined| dataSendingTimer undefined| tryPushingDataTimer undefined| _vis_data undefined| _vwo_code function| getBrowser function| isFacebookBrowser object| browser boolean| noSupportRedirection boolean| isRetainEnabled string| retainApiKey object| require object| ezSession object| slidelySdk function| backToClassicEditor function| triggerLogin function| headerGetCookie function| headerSetCookie function| isLocalStorageEnabled function| saveAffiliateReportData function| getAffiliateReportData function| getAffiliateReportDataFromUrl function| toggleOpaqueHeader string| homeAddress boolean| reportToIntercomOnLogin function| onlogin function| logout function| loggedStateChange object| intercomSettings object| mixpanelPeopleSettings function| getPaymentErrors function| Intercom object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone object| ezReportsQueue object| mixpanel function| fbAsyncInit object| _fbds object| _fbq function| fbq object| tw object| uetq object| ezAuth object| SystemInstance object| _gsQueue object| platform object| store function| recpatchaOnLoad boolean| recaptchaLoaded object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| CSSPlugin function| TimelineLite function| TimelineMax function| BezierPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| addResizeListener function| removeResizeListener function| HowlerGlobal object| Howler function| Howl function| Sound function| tinycolor function| Mousetrap object| WebuiPopovers function| _ function| postClips function| getPhotoClips object| Create function| twq object| growsumo object| FB object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| twttr number| __INTERCOM_MESSENGER_INIT_TIME__

8 Cookies

Domain/Path Name / Value
.promo.com/ Name: mp_e7d2894fb113ce2e99d62bcfd0f0a3f0_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217071f97b018dc-03f0f238f07e5c-37647e03-1d4c00-17071f97b0299e%22%2C%22%24device_id%22%3A%20%2217071f97b018dc-03f0f238f07e5c-37647e03-1d4c00-17071f97b0299e%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.promo.com/ Name: _gid
Value: GA1.2.1399199603.1582460141
.promo.com/ Name: _ga
Value: GA1.2.438429201.1582460141
promo.com/ Name: ezRI
Value: %7B%22source%22%3A%22organicdirect%22%2C%22lang%22%3A%22en%22%7D
.promo.com/ Name: tid
Value: 60220210
.promo.com/ Name: _gat_gtag_UA_17257037_7
Value: 1
promo.com/ Name: urn
Value: 68
promo.com/ Name: EZSESSID
Value: k1d8i977ttmk5ja74g3vljibgt

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.ravenjs.com/3.16.1/raven.min.js(Line 2)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak01-promo-cdn.slidely.com
ak02-promo-cdn.slidely.com
ak04-promo-cdn.slidely.com
api-iam.intercom.io
api-js.mixpanel.com
cdn.mxpnl.com
cdn.ravenjs.com
connect.facebook.net
fonts.googleapis.com
grsm.io
js.intercomcdn.com
promo.com
snippet.growsumo.com
static.ads-twitter.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
107.22.229.2
130.211.33.203
143.204.202.3
143.204.202.38
143.204.202.65
151.101.112.157
2600:1901:0:bc29::
2a00:1450:4001:800::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:821::200a
2a00:1450:4001:825::200e
2a00:1450:400c:c0a::9d
2a02:26f0:11a:190::3272
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::729
35.186.241.51
99.83.219.81
04076e330279f5f08ba3a63e4d92162eb27ecd940c506cb8050f85240f16acbb
0a47940fea97559a5b7fedb5e5863155139c38aee916d5dde778b3380c2a6085
0c5371490d5544f9d17b997fe6ac0c859b89df29fbf84afeaea484ddbc18e8f8
0ca9686406a0d797d071f4e251a2e9fb7d17e594e0a922c6cc4c4c362d2b4c15
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
11993df492c792aea6bdf50758da70ea37ed31bf0d7496b9f7247309e920c087
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
2be5a786f602cfed77db4af94eb9a1776029df03ac217567000828bd3af0e4e9
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
327358936ae1faca746b38258cde21f2574d062dc6f939a8b9fcfa8e2adfc9ee
352957ca5af284f47e90f5975473ce9c809cfbeaa0c7ed81f09639a53335ed26
3fb1f231075b5aff00eee9c7c23422c6ae5a5dd5733de4093b1c9ab436e7238e
443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887
4548fa8e9c908c9c68bf27038f295601892358c27ff3fc579bc6c46e4050b918
495a890e80ef117a67c6870361f457abee5301a4c21c45553476b6936992595b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa
53ef3fef68e52f3a3f42ca5d3331aa79ca7156324a1d02528b814d6bed17e591
55176e8628123550ce4c4c7aea39900a99d20df008f20f930afb5300409bb11b
5a124b6e29e0a373cf9adec6a50dc96741aad09e9bd26caaf50f25621eb1788c
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6120081e1022244bc17dde0b0b7c705147e7b5bbcf68b76c38f95d1010c10ca3
64420573687741aee3bdc4066c890f621e961c6fffabbc95e6c965e8a9e4e49f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f48ae3a1bcf7a513d348336b094dd9b3997beb7c4d700bc9bc5240b06a45df9
7329650e1ce54258b2aeb57ceb15447f15cac581870fa55aa949655637c1be1b
78cdf14650838d1324b9b0023069cfa54bcd2f6a47fb88c6ea57f41cc01b554d
81a10f4e61dfbe306c461e05d3986da7638f63f5fb11072cdbdeface85c3c100
877d7be37d631c517ce23dbf6017ff632c874acfd040dfcdac4b00d5ca3a862d
896faeed883c92f039329aacdec4abf6dd60752b10ee18af10262985bba2862b
8a936a09a86188b00bff1257b55151323b95d58d89b1c7290c8f218d592219ad
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846
94c9d259d672eec9df74d7eec99b2ef0dc5f6405ed70441a35877671e198ebc1
982a7df12faf54fd0e70c95b2de2b646e5cfbec8e85abc95b5a5fa50e7f30476
9e595822c1835f48278902ad6e937a1139c7292bc78e90983c81d6f86f80dd0a
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
ac70434607d29196fde4a7049e39c5db00a184114daaa4c61776d1217b1f7e31
ae853246332aa2ff73b5fb4584b0f3ce5a24a117f95731e7e789b7f9a4c3ec61
af09b9bd74ea15400b5bcd12eaade61868a20163a6ed7cc4f61f884bd921e0a3
b49cdd80f5c7ff7478698fadf83f24a8ef09aecbd5a77d8bf8f3d4dd37f5f28d
ba9a378a7d3f8d216aea38a292a0310591e322f104690110de8936afc2416007
bfa04d008fb6554d9305620c1b1a3446d075c6c4bff73cb381d25417dd291a8f
ce1bfb2d7662b9e570508db426d50e5bd2964af80131ccfa705fffc6c4397b62
d97baf01955ff48b9b4ef81767c04fdd51f788719b1749cba12ec357da5dc493
ddbbcb8d17ed65b8835bc01d4e46bd218f40acb42d0c96b12d71886ebe5e14d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef27ea408ac2e91a7b987a439ef12b3cc74c1ede04175af97139a5b1a1ee94d3