urlscan.io logo urlscan.io
SecurityTrails logo

www.marcopromos.com Open in urlscan Pro
2606:4700:10::ac43:106d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW...
Effective URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=15...
Submission: On September 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 3 countries across 22 domains to perform 62 HTTP transactions. The main IP is 2606:4700:10::ac43:106d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marcopromos.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.
This is the only time www.marcopromos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
17 2600:9000:223... 16509 (AMAZON-02)
5 2600:9000:218... 16509 (AMAZON-02)
1 13.226.155.68 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.233 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.250.185.194 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 151.101.192.233 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
1 74.121.50.17 19795 (ACOUSTIC-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.6 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.30 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a00:1450:400... 15169 (GOOGLE)
62 28
2    2606:4700::6812:1e69 (United States)

ASN13335 (CLOUDFLARENET, US)
d15n7r04.na1.hubspotlinks.com
3    2606:4700:10::ac43:106d (United States)

ASN13335 (CLOUDFLARENET, US)
www.marcopromos.com
17    2600:9000:223f:cc00:8:4e36:8300:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.marcopromos.com
5    2600:9000:2182:8400:1b:9315:9980:21 (United States)

ASN16509 (AMAZON-02, US)
dki9zok8ilpi.cloudfront.net
1    13.226.155.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-68.dus51.r.cloudfront.net
www.sc.pages03.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.12.233 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
td.yieldify.com
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.192.233 (United States)

ASN54113 (FASTLY, US)
custom.yieldify.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
1    74.121.50.17 (United States)

ASN19795 (ACOUSTIC-ATL-01, US)
PTR: pages03.net
www.pages03.net
1    2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
3    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    18.66.112.30 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
17 cdn.marcopromos.com www.marcopromos.com
cdn.marcopromos.com
5 dki9zok8ilpi.cloudfront.net www.marcopromos.com
cdn.marcopromos.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 www.marcopromos.com d15n7r04.na1.hubspotlinks.com
www.marcopromos.com
2 s.yimg.com d15n7r04.na1.hubspotlinks.com
s.yimg.com
2 www.google.de www.marcopromos.com
2 www.google.com www.marcopromos.com
2 www.facebook.com www.marcopromos.com
connect.facebook.net
2 connect.facebook.net d15n7r04.na1.hubspotlinks.com
connect.facebook.net
2 d15n7r04.na1.hubspotlinks.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 forms.hsforms.com
1 vars.hotjar.com static.hotjar.com
1 track.hubspot.com
1 script.hotjar.com static.hotjar.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 www.pages03.net
1 static.hotjar.com d15n7r04.na1.hubspotlinks.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 custom.yieldify.com td.yieldify.com
1 www.googleadservices.com www.googletagmanager.com
1 js.hs-scripts.com www.marcopromos.com
1 td.yieldify.com d15n7r04.na1.hubspotlinks.com
1 www.googletagmanager.com d15n7r04.na1.hubspotlinks.com
1 www.sc.pages03.net www.marcopromos.com
62 28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
shop.marcopromos.com
Subject Issuer Validity Valid
hubspotlinks.com
Cloudflare Inc ECC CA-3		 2021-06-17 -
2022-06-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-28 -
2022-06-27		 a year crt.sh
*.marcopromos.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-14 -
2022-02-13		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.silverpop.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-25 -
2022-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.yieldify.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Frame ID: 36EEE4FEECE94EB5D2949C6638D831E0
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 8132FA1F6361A08D59EC00A99F7CE6CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Drop Ship Promotional Items | MARCO Promosâ„¢

Page URL History Show full URLs

  1. https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV... Page URL
  2. https://d15n7r04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW... HTTP 307
    https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_m... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

62
Requests

100 %
HTTPS

71 %
IPv6

22
Domains

28
Subdomains

28
IPs

3
Countries

1123 kB
Transfer

3943 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1 Page URL
  2. https://d15n7r04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1?_ud=b824b819-c892-48bf-b410-11d9976cab47&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5...
d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
d15n7r04.na1.hubspotlinks.com
:scheme
https
:path
/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:42 GMT
content-type
text/html;charset=utf-8
x-robots-tag
none
referrer-policy
no-referrer
vary
Accept-Encoding
x-hubspot-correlation-id
d2284cd3-c08e-44e5-bcd2-1a926aba7b98
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68aca0144f0a5363-FRA
content-encoding
br
Primary Request promo-pack-ship-service
www.marcopromos.com/info/
Redirect Chain
  • https://d15n7r04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8...
  • https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZ...
105 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:106d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4a05aeb962f91e74f0e48cb78dcb24322fb1deacc348e87db098f98fc6c966
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.marcopromos.com
:scheme
https
:path
/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
content-type
text/html; charset=utf-8
set-cookie
LoginDetails=hnCEe5Ow0rv%2FSXwuAUxgop6egDQYnd5i2910kni4Z1Cg1y9VSg7f9iqZ68jn1R%2Fbqb2udgg%2BD3xWrzCSRpnmuG4alO%2BYjwSZn%2BD%2BiluuitDtT6eQAC5t%2BMqn7nHzVSZT1ooD5fhkO3N4pjCRrIMuuXsqss5%2Bv55faTl9t7SgURR8N4cxohhT%2FWVXzCygTJBx3FVw0nGZuPxNTURv62NCcKKcWMVikMkPJUvIqTN6nAAeK9em11q6RaOy0bdsb0JJHgoYvUZOFUaX%2BysFU%2Blmthgy9HGIyqWbThlIevfknvWiGk3nPWLKp89IX%2FFUUmXkAU3NrtPC4UxVuBB3gwDS2%2FgrrPtxQfdNa68AIk%2FteIAj0e%2Fj%2BXSsYGdPeEkMBxZs3BHevJ3K%2B53HkZ0mWvCkOHSaUK1tdJ2UQceEfur4Vby%2B2Mu4Ku1%2BbccT%2Bb6hQ4RY3DSKwAXNvxxqF4dWZB8GMrx7X0O2rvzX0By8vvJfkLhw%2BwbieZ54U9HXfunfV5Aik%2B21IhEQbTTiNU3WDpytpSX59ArUjgHJEw%2BmHAW39OLCPlrntOl%2B%2FJOB9zpXy6%2FrWVWe43lJj3ctQU3PIKkciReLqpl73qSD%2BigQPxXSw4LzeTVNKzyX%2FsXIrEaO0QXHRelI4uhrhuAf67nWZsZIxx0RbF6BZK1JDxnN3EWk1cKW%2BOuKzcIWz2zW37Rs2TpZTAY%2FIrokF94mYeGF1FshBacNwKfVuspEm%2BDsu9rgg%2Bhut%2FgfIiKoKr4XUFuhGCg4tl3l4%2BS2vJKmq8iuz4AcvVGSKOjVJ06wUiuZCKIco6MESDhuhPtLLXszYfT6riYDgXt2%2BgaGqni9AAxnBan88o0xerjSe0BnaNL7tdQbNqqr349dbfbRr32BIG3REnyArpU1h4P59Nh6RkzwTFD34BLOtiv9l%2FDeEyaCf1OkdwTJ2ysuMRGSOHymXXzubE1V92s1vHmKxnjRr711j9Qzr5jKn8%2BEU9H%2FY2MQk8MfgiJdFYlBzW%2F7QK2LZa%2BGMIW33eiuLcOy4SuK3Zecw0dknUGAVmkCuuIiuQfU7QZgwe0%3D; expires=Wed, 08 Sep 2021 02:49:43 GMT; path=/; samesite=lax; httponly
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68aca01ba8732bc2-FRA
content-encoding
br

Redirect headers

date
Tue, 07 Sep 2021 02:49:42 GMT
x-robots-tag
none
link
<https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email>; rel="canonical"
location
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
referrer-policy
no-referrer
x-hubspot-correlation-id
c59583c9-910c-4e75-8f0b-973e3f4161c9
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68aca016a9525363-FRA
style.min.css
cdn.marcopromos.com/css/ 		344 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/css/style.min.css?V=01092021094925
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c684a8852d71857b17051d684ab9d4236a3a28f8dd2ff2f4dbdf54ca16fdd72

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"187702cedd5009b63d7b9e9c54c8de46"
age
4679
x-amz-meta-sha256
8c684a8852d71857b17051d684ab9d4236a3a28f8dd2ff2f4dbdf54ca16fdd72
x-cache
Hit from cloudfront
last-modified
Tue, 13 Apr 2021 16:35:30 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 02:26:06 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
expires
Fri, 31 Dec 2021 14:27:35 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
cjw8oPSc9trH3dNTp3tc2XPllOaM-r9qn_pJIfVnt8Aq9vzev4Jnfw==
x-amz-meta-s3b-last-modified
20190606T080203Z
site.css
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/ 		765 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bb4257efa5fc4152a10d501cb459ef515835d8dd07e3616b726516fd4c3ae20

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:12:41 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 02:12:39 GMT
server
AmazonS3
age
2223
etag
W/"7ddd41576466cdb7f80dcc39ee39d514"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
JnOqKkq_rG_yVctHd2DO7dKHhgSj7rnB
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
content-type
text/css
x-amz-cf-id
gXF6XksB8U3Y-VfxmeZW7fKS8FVREiXBaK-lXV0vyanGISHtQ769xA==
expires
Fri, 17 Sep 2021 02:12:38 GMT
jquery.mCustomScrollbar.css
cdn.marcopromos.com/css/ 		52 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/css/jquery.mCustomScrollbar.css
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfc0a2fed6070df07041c36ae476a0f592b7ab5b5af8cc8e063eb9376029cd8a

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"07d9ca62e03cdf14e05c0a601b9a6e69"
last-modified
Tue, 13 Apr 2021 16:35:32 GMT
server
AmazonS3
age
3923
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 02:26:06 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
zLr4M3iuBknfo9_v2-j1mNOZL8aT8YhQj6o0aGXehXbfBSEqvrHCyQ==
expires
Fri, 31 Dec 2021 14:27:35 GMT
rocket-loader.min.js
www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:106d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
LoginDetails=hnCEe5Ow0rv%2FSXwuAUxgop6egDQYnd5i2910kni4Z1Cg1y9VSg7f9iqZ68jn1R%2Fbqb2udgg%2BD3xWrzCSRpnmuG4alO%2BYjwSZn%2BD%2BiluuitDtT6eQAC5t%2BMqn7nHzVSZT1ooD5fhkO3N4pjCRrIMuuXsqss5%2Bv55faTl9t7SgURR8N4cxohhT%2FWVXzCygTJBx3FVw0nGZuPxNTURv62NCcKKcWMVikMkPJUvIqTN6nAAeK9em11q6RaOy0bdsb0JJHgoYvUZOFUaX%2BysFU%2Blmthgy9HGIyqWbThlIevfknvWiGk3nPWLKp89IX%2FFUUmXkAU3NrtPC4UxVuBB3gwDS2%2FgrrPtxQfdNa68AIk%2FteIAj0e%2Fj%2BXSsYGdPeEkMBxZs3BHevJ3K%2B53HkZ0mWvCkOHSaUK1tdJ2UQceEfur4Vby%2B2Mu4Ku1%2BbccT%2Bb6hQ4RY3DSKwAXNvxxqF4dWZB8GMrx7X0O2rvzX0By8vvJfkLhw%2BwbieZ54U9HXfunfV5Aik%2B21IhEQbTTiNU3WDpytpSX59ArUjgHJEw%2BmHAW39OLCPlrntOl%2B%2FJOB9zpXy6%2FrWVWe43lJj3ctQU3PIKkciReLqpl73qSD%2BigQPxXSw4LzeTVNKzyX%2FsXIrEaO0QXHRelI4uhrhuAf67nWZsZIxx0RbF6BZK1JDxnN3EWk1cKW%2BOuKzcIWz2zW37Rs2TpZTAY%2FIrokF94mYeGF1FshBacNwKfVuspEm%2BDsu9rgg%2Bhut%2FgfIiKoKr4XUFuhGCg4tl3l4%2BS2vJKmq8iuz4AcvVGSKOjVJ06wUiuZCKIco6MESDhuhPtLLXszYfT6riYDgXt2%2BgaGqni9AAxnBan88o0xerjSe0BnaNL7tdQbNqqr349dbfbRr32BIG3REnyArpU1h4P59Nh6RkzwTFD34BLOtiv9l%2FDeEyaCf1OkdwTJ2ysuMRGSOHymXXzubE1V92s1vHmKxnjRr711j9Qzr5jKn8%2BEU9H%2FY2MQk8MfgiJdFYlBzW%2F7QK2LZa%2BGMIW33eiuLcOy4SuK3Zecw0dknUGAVmkCuuIiuQfU7QZgwe0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.marcopromos.com
referer
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 15:49:24 GMT
server
cloudflare
etag
W/"612fa104-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
68aca01d89fe2bc2-FRA
vary
Accept-Encoding
expires
Thu, 09 Sep 2021 02:49:43 GMT
owl.carousel.bundle.min.css
cdn.marcopromos.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/css/owl.carousel.bundle.min.css
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acd82ecf1cd6b4172ca2e21a6f5518771bd2607eaf6d41c0f755d05c40b79dd0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"85e20a4702637a48439cd7729b739fc8"
age
4679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 13 Apr 2021 16:35:28 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 02:26:06 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
expires
Fri, 31 Dec 2021 14:27:35 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
JhKHYBtArtZRU4vOsH6YyAGPlh8gYSwv3N_qBIQD0QG3_J9WzkysFA==
x-amz-meta-s3b-last-modified
20180705T093217Z
e5c17b17-7f43-4f69-ad3a-6b54578b1219.jpg
dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/e5c17b17-7f43-4f69-ad3a-6b54578b1219.jpg
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8400:1b:9315:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
114aaebef117e4e94e93370053994867d46568ced72f584ec21b4e328e2c3a8e

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 09:14:21 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified
Mon, 04 Jan 2021 11:41:46 GMT
server
AmazonS3
age
322523
etag
"fe75b46b64d70825238c9d732a49f985"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3737
x-amz-cf-id
_8lJ7Wm7DR7rnOD-1jAQlo_mVFdDZj9AI8UWde8IavH2Y4MVaue5Iw==
expires
Thu, 11 Feb 2021 11:08:07 GMT
email-decode.min.js
www.marcopromos.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marcopromos.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:106d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
LoginDetails=hnCEe5Ow0rv%2FSXwuAUxgop6egDQYnd5i2910kni4Z1Cg1y9VSg7f9iqZ68jn1R%2Fbqb2udgg%2BD3xWrzCSRpnmuG4alO%2BYjwSZn%2BD%2BiluuitDtT6eQAC5t%2BMqn7nHzVSZT1ooD5fhkO3N4pjCRrIMuuXsqss5%2Bv55faTl9t7SgURR8N4cxohhT%2FWVXzCygTJBx3FVw0nGZuPxNTURv62NCcKKcWMVikMkPJUvIqTN6nAAeK9em11q6RaOy0bdsb0JJHgoYvUZOFUaX%2BysFU%2Blmthgy9HGIyqWbThlIevfknvWiGk3nPWLKp89IX%2FFUUmXkAU3NrtPC4UxVuBB3gwDS2%2FgrrPtxQfdNa68AIk%2FteIAj0e%2Fj%2BXSsYGdPeEkMBxZs3BHevJ3K%2B53HkZ0mWvCkOHSaUK1tdJ2UQceEfur4Vby%2B2Mu4Ku1%2BbccT%2Bb6hQ4RY3DSKwAXNvxxqF4dWZB8GMrx7X0O2rvzX0By8vvJfkLhw%2BwbieZ54U9HXfunfV5Aik%2B21IhEQbTTiNU3WDpytpSX59ArUjgHJEw%2BmHAW39OLCPlrntOl%2B%2FJOB9zpXy6%2FrWVWe43lJj3ctQU3PIKkciReLqpl73qSD%2BigQPxXSw4LzeTVNKzyX%2FsXIrEaO0QXHRelI4uhrhuAf67nWZsZIxx0RbF6BZK1JDxnN3EWk1cKW%2BOuKzcIWz2zW37Rs2TpZTAY%2FIrokF94mYeGF1FshBacNwKfVuspEm%2BDsu9rgg%2Bhut%2FgfIiKoKr4XUFuhGCg4tl3l4%2BS2vJKmq8iuz4AcvVGSKOjVJ06wUiuZCKIco6MESDhuhPtLLXszYfT6riYDgXt2%2BgaGqni9AAxnBan88o0xerjSe0BnaNL7tdQbNqqr349dbfbRr32BIG3REnyArpU1h4P59Nh6RkzwTFD34BLOtiv9l%2FDeEyaCf1OkdwTJ2ysuMRGSOHymXXzubE1V92s1vHmKxnjRr711j9Qzr5jKn8%2BEU9H%2FY2MQk8MfgiJdFYlBzW%2F7QK2LZa%2BGMIW33eiuLcOy4SuK3Zecw0dknUGAVmkCuuIiuQfU7QZgwe0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.marcopromos.com
referer
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 15:49:24 GMT
server
cloudflare
etag
W/"612fa104-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
68aca01dca242bc2-FRA
vary
Accept-Encoding
expires
Thu, 09 Sep 2021 02:49:43 GMT
iMAWebCookie.js
www.sc.pages03.net/lp/static/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sc.pages03.net/lp/static/js/iMAWebCookie.js?61f294ad-14c911e56a2-943e27de0c8b91cc3fcf1475c3e5d726&h=www.pages03.net
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-68.dus51.r.cloudfront.net
Software
Apache /
Resource Hash
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 03:28:56 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
etag
"3772-5cae6aa97a50d"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
14194
x-amz-cf-id
ZKb1LoSOrCZPOsJM3JUWgpf9tGXu0zcNkywTMcURRACBW1uf5-8_8Q==
gtm.js
www.googletagmanager.com/ 		244 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T38VC48
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e04dc0e3780b33c759f90a59ebba6665cfe79bf732d90cef831fc83309934f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82377
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Sep 2021 02:49:43 GMT
code.js
td.yieldify.com/yieldify/ 		374 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://td.yieldify.com/yieldify/code.js?w_uuid=f40c477a-f173-41c2-bc8c-d2b87be178fa&k=1&loca=https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.233 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ed5a84313e36a1c56bafc99a40dd75908e60ea9872fcaae901ce762da3597fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
34845
x-cache
HIT
x-device
desktop
content-length
61261
x-xss-protection
1; mode=block
x-served-by
cache-fra19165-FRA
last-modified
Mon, 06 Sep 2021 10:27:38 GMT
x-timer
S1630982984.081671,VS0,VE2
date
Tue, 07 Sep 2021 02:49:44 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache, no-store, must-revalidate
etag
"b3ba565f28dfcbbcc84d7087f5446262"
accept-ranges
bytes
x-cache-hits
1
KFOmCnqEu92Fr1Mu4mxK.woff2
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"5d4aeb4e5f5ef754e307d7ffaef688bd"
age
9040
x-cache
Hit from cloudfront
content-length
15344
last-modified
Tue, 13 Apr 2021 14:41:08 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:43 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
7pbmsD6sy8iGx19GXyY3JwP1muZHp_Zfr9m45jmFNMDdX98C4QQZQA==
x-amz-meta-s3b-last-modified
20181026T110716Z
fontawesome-webfont.woff2
cdn.marcopromos.com/fonts/fontawesome/ 		127 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/fonts/fontawesome/fontawesome-webfont.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
917401af2cad86d776c7b3c8bfea34d2f6bcc4ea3de1b62407acb952b6d26dcd

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"2bf8828a92f27dc56944325114c8bd24"
age
3480
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
130288
last-modified
Tue, 13 Apr 2021 17:30:01 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:32:21 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
bBdnK72a-qU3npdg_vnB3lKUv2NCU-l3qqCgZSNazFiAOubKM5gT7Q==
x-amz-meta-s3b-last-modified
20180724T092046Z
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"037d830416495def72b7881024c14b7b"
age
3480
x-cache
Hit from cloudfront
content-length
15436
last-modified
Tue, 13 Apr 2021 14:41:08 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
VN0CpTzt5s7kj4dp6Nr9lpa5wTU8J0DhP45YID2tnR7mtLPnpfdMXg==
x-amz-meta-s3b-last-modified
20181026T110716Z
Marco-Fontawesome-webfont.ttf
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/ 		39 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/Marco-Fontawesome-webfont.ttf?3ic7b9
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf642dd3b128e98a08293ff9b92ce4db903f7e67b8190b9c42e3386cb35fba0f

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"eb5c3b058d21c86b803edec7158d3f0b"
age
9866
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 13 Apr 2021 17:11:05 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:11:17 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-sfnt
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
0EznghLzRDsRFQm1njJKWeeHm63_XH1Ru_OKzVJtF5EZ1EQ2zqtP0A==
x-amz-meta-s3b-last-modified
20190114T134014Z
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"285467176f7fe6bb6a9c6873b3dad2cc"
age
3480
x-cache
Hit from cloudfront
content-length
15552
last-modified
Tue, 13 Apr 2021 14:41:08 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
MFsnGlsPuo_44M6T7Z5IwKzdTqLmYWALQlZS9He6B4fXFPreRHchOg==
x-amz-meta-s3b-last-modified
20181026T110716Z
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/roboto/v18/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a44484ecc8b7aa5da1603d6a7256d3eea3c5c8e5c6f50bcdb220b303e4b2010a

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"510dec37fa69fba39593e01a469ee018"
age
3480
x-cache
Hit from cloudfront
content-length
16940
last-modified
Tue, 13 Apr 2021 14:41:07 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
L1deNeNbakx9A5fXguwIwUq9kZ0TxlaKJKopQk6VEWz3NGcFzBUD5Q==
x-amz-meta-s3b-last-modified
20181026T110716Z
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/robotocondensed/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/fonts/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Request headers

Origin
https://www.marcopromos.com
Referer
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/css/site.css?V=01092021094925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
etag
"587de8ec039052f50e69c9654439b991"
age
3923
x-cache
Hit from cloudfront
content-length
15332
last-modified
Tue, 13 Apr 2021 14:41:08 GMT
server
AmazonS3
date
Tue, 07 Sep 2021 01:51:43 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
expires
Fri, 31 Dec 2021 14:35:22 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
uaNLJX9XDAAORxw3uE1egYx7CXhvtWjOgpgdKYmdQqYwhplu9wk6Jw==
x-amz-meta-s3b-last-modified
20181026T112314Z
ProdPresentation.js
cdn.marcopromos.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/js/ProdPresentation.js
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5f812e0825d32f5132f5242617a57b1a3d275b1e82d0ed253a4479c219361b

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 06:22:50 GMT
server
AmazonS3
age
4992
etag
W/"faa88fa33abcfdf345aa7124b9b8ccd9"
vary
Accept-Encoding
x-amz-meta-sha256
bd5f812e0825d32f5132f5242617a57b1a3d275b1e82d0ed253a4479c219361b
content-type
application/javascript
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 01:30:39 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
_0OzWnXGekLcKVdoYggIjKvQwJBr69GSSuc8fyha2nHaqxVlSgZDYw==
x-amz-meta-s3b-last-modified
20200922T053927Z
lazysizes.min.js
cdn.marcopromos.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/js/lazysizes.min.js
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678d8939722a3a477adf146780b32650e7ef13b2be47f278918349dfa1239b40

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 06:49:33 GMT
server
AmazonS3
age
3480
etag
W/"65a41cfa345c51ed2ea495084d250094"
vary
Accept-Encoding
x-amz-meta-sha256
678d8939722a3a477adf146780b32650e7ef13b2be47f278918349dfa1239b40
content-type
application/javascript
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 01:51:45 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
piNMQ7_-0-RKEe8Tdt-JKX_lya17OLolg66kheXMRkJrE6tIPZo6-A==
x-amz-meta-s3b-last-modified
20210226T064822Z
web-bundle2.js
cdn.marcopromos.com/js/ 		115 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/js/web-bundle2.js?V=01092021094925
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df2211f0b9aaa190b99b2f7ec86cc20132c3f3d4ee1e8f10baa59e1a9e5a9f5e

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 09 Apr 2020 06:04:00 GMT
server
AmazonS3
age
6630
etag
W/"ae14b260c65b48d47fae2705e5daf5de"
vary
Accept-Encoding
x-amz-meta-sha256
df2211f0b9aaa190b99b2f7ec86cc20132c3f3d4ee1e8f10baa59e1a9e5a9f5e
content-type
application/javascript
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 00:59:14 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
YzxurF0yxV7tcXeRxx8S8_UgLn7xcR-dXC_37eYOEuqjQvPmaPNfIw==
x-amz-meta-s3b-last-modified
20200409T060512Z
web_bundle.js
cdn.marcopromos.com/js/ 		486 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/js/web_bundle.js?V=01092021094925
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f10de3a31ecefe366e3be44123b3cad721ab3b9238f7dd4c654792347dbfa93e

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 18 Mar 2020 06:26:23 GMT
server
AmazonS3
age
1753
etag
W/"b177bfc67484352dad2dab5f07370a14"
vary
Accept-Encoding
x-amz-meta-sha256
f10de3a31ecefe366e3be44123b3cad721ab3b9238f7dd4c654792347dbfa93e
content-type
application/javascript
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 02:26:06 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ewQhFdTx-VqPuUwCECB_tzl8lYcy7t9UyTwWEDkLE4raZ2SfMOB1BQ==
x-amz-meta-s3b-last-modified
20200318T062548Z
9410333.js
js.hs-scripts.com/ 		1 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/9410333.js
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
513a8d65184bb833d3efa308750fd249a76ab649d81ccb9b5b1a7a6de5cbbdc6

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
36
cf-polished
origSize=1528
x-hubspot-correlation-id
feb498a0-5cf5-4a39-857b-59bb608559fc
cf-bgj
minify
server
cloudflare
x-trace
2B7F2BF254C3EA8671CF9885EB0FAFAB54CE3E2121000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.marcopromos.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
68aca022ca7f5c44-FRA
expires
Tue, 07 Sep 2021 02:50:44 GMT
bat.js
bat.bing.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38VC48
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:43 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref
Ref A: 431A9DA475EF4EB4878C8AE5AC84C963 Ref B: FRAEDGE1520 Ref C: 2021-09-07T02:49:44Z
etag
"80f2963dde83d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9024
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38VC48
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14079
x-xss-protection
0
server
cafe
etag
18326714422570925345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 02:49:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
X4oYqA/8x5TvON3KdAK+ySEzAzz2jG/8eCFYlisgvrjENOezqCMFQXOGwGJUvK4nx8ErCBCmirq1nEC1ycjB6w==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 07 Sep 2021 02:49:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bundle.js
custom.yieldify.com/v1/100356/100565/5d3be0fd6d/ 		157 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://custom.yieldify.com/v1/100356/100565/5d3be0fd6d/bundle.js
Requested by
Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=f40c477a-f173-41c2-bc8c-d2b87be178fa&k=1&loca=https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.233 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027c41a0adf0e1d091b589e063e86824381faa6cee6deb5275069fff3333b41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
38656
x-cache
HIT
content-length
41402
x-amz-id-2
PCgqXSCfGccMwyhfA0ou6jyKX4bJuxm3+wXUxttMQ+NaJwAXOwzIZCDCFFCtpjAP8cdCF8QnyW0=
x-served-by
cache-fra19122-FRA
last-modified
Mon, 06 Sep 2021 10:11:55 GMT
server
AmazonS3
x-timer
S1630982984.411154,VS0,VE1
date
Tue, 07 Sep 2021 02:49:44 GMT
vary
Accept-Encoding
x-amz-request-id
9R61NKBNWZ5SAVK9
via
1.1 varnish
x-xss-protection
1; mode=block
cache-control
max-age=86400, public
etag
"7038fb59ee92bdaffeebc113a7a11b9d"
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
2920116024928472
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2920116024928472?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c814ca500e172d8691630ef040cf582e926b21b68189abfb6d398f8570f0e65a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89532
x-xss-protection
0
pragma
public
x-fb-debug
ZHKlwFg6lsk3HD7idUzpdHGdICQnsUAcqxTnCre4GUAiIp2xNvWWhLEmjnDl76PwGN3jzlv+5QPW0Rz7vGrqNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 07 Sep 2021 02:49:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
4020823.js
bat.bing.com/p/action/ 		0
115 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4020823.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Sep 2021 02:49:44 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 788F46761ED24853B380A6C7886AA59E Ref B: FRAEDGE1520 Ref C: 2021-09-07T02:49:44Z
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068114047/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068114047/?random=1630982984328&cv=9&fst=1630982984328&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&tiba=Drop%20Ship%20Promotional%20Items%20%7C%20MARCO%20Promos%E2%84%A2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd640b863e9828651a6bc0b7dc065ace9f27b65824e1d923965f294a028e3c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 02:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2920116024928472&ev=PageView&dl=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&rl=&if=false&ts=1630982984456&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22360855018586366%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22273551817317844%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22679555659612112%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22818691912264197%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22378651853186425%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%221535566499962400%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1630982984454.1605855864&it=1630982984318&coo=false&rqm=GET
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 07 Sep 2021 02:49:44 GMT
/
www.google.com/pagead/1p-user-list/1068114047/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1068114047/?random=1630982984328&cv=9&fst=1630980000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&tiba=Drop%20Ship%20Promotional%20Items%20%7C%20MARCO%20Promos%E2%84%A2&async=1&fmt=3&is_vtc=1&random=1376740344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 02:49:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1068114047/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1068114047/?random=1630982984328&cv=9&fst=1630980000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&tiba=Drop%20Ship%20Promotional%20Items%20%7C%20MARCO%20Promos%E2%84%A2&async=1&fmt=3&is_vtc=1&random=1376740344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.marcopromos.com
URL: https://www.marcopromos.com/info/promo-pack-ship-service?code=E0921-04&utm_campaign=Content%202021&utm_medium=email&_hsmi=155544580&_hsenc=p2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0&utm_content=155544580&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 02:49:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1152087.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1152087.js?sv=6
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a97ca3fe2d3c44d4073f777aa36952f6ad5366d28e22e64b0281ad01c1fdbe9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
36
etag
W/f45eb6d6308a6db440a818d1c3cfb505
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
ZNt3kOkh0lvpr1DicaJQHhPMHsulRZJXt5-zuTwJwQ4USgu6FGrx-Q==
via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
jquery.mousewheel.min.js
cdn.marcopromos.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.marcopromos.com/js/jquery.mousewheel.min.js
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/js/web_bundle.js?V=01092021094925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"d5843dbdc71ff8014a5eafd346a262da"
last-modified
Sat, 25 May 2019 05:43:07 GMT
server
AmazonS3
age
4775
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Tue, 07 Sep 2021 01:30:39 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
FOjPAXC9kPkibc7v7gMt8QZTRU72mY1oDBWaDm8_mxHhz8gutTtveA==
expires
Sat, 18 Apr 2020 13:54:36 GMT
event.jpeg
www.pages03.net/WTS/ 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pages03.net/WTS/event.jpeg?accesskey=61f294ad-14c911e56a2-943e27de0c8b91cc3fcf1475c3e5d726&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=70b00453-d59b-7199-e3b3-a91dcd18030c&webSyncID=a5b6ca6a-1699-588c-3a92-55a27526e695&url=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&newSiteVisit=1&hostname=www.marcopromos.com&pathname=%2Finfo%2Fpromo-pack-ship-service&newPageVisit=1&eventKey=55a8ec96-4626-ea20-e23c-9db6550428e4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.50.17 , United States, ASN19795 (ACOUSTIC-ATL-01, US),
Reverse DNS
pages03.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Sep 2021 02:49:45 GMT
Server
Apache
p3p
CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection
close
Content-Type
image/jpeg
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collectedforms.js
js.hscollectedforms.net/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9410333.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Origin
https://www.marcopromos.com
Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
via
1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1918
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=68ac7150cf204a9e-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
68aca0268fc3647f-FRA
last-modified
Mon, 26 Jul 2021 08:57:16 UTC
server
cloudflare
etag
W/"71e1b9bc533ea0484715e256cd176305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
UdF5JVjhH2rVuk1v0du6KE8hFtkbzT6cyTOuKQW1jfXsd6PuKnS1uA==
x-hs-target-asset
collected-forms-embed-js/static-1.243/bundles/project.js
9410333.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/9410333.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9410333.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb255fd5df24e2788ac5475bb7da3a32d55b5c759dbb031c5d251dec6da5c7c

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
content-encoding
br
cf-cache-status
HIT
age
183
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
ZNT8E2671ZJAABBT
x-amz-id-2
ZcQlrjVPGyUBHSkiFeZs3QQntzxC1ci9xozeNFUwyeW8CwWwJkLkSyo2Kp3SkoVj3MEgc2yFRro=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 22:20:09 GMT
server
cloudflare
etag
W/"62256311618f801d4e64022efb2e5cd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
d8SKCeUIhxFunRSXwn3SsF3Wicyred_0
access-control-allow-origin
https://www.marcopromos.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
68aca02688824e32-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 07 Sep 2021 02:51:41 GMT
9410333.js
js.hs-analytics.net/analytics/1630982700000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1630982700000/9410333.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9410333.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c384b4a3885cedee12ffe9c15daf9e72cbc46c9ec2c7f46f40e25c96b8e3e035

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
content-encoding
br
cf-cache-status
HIT
age
183
x-amz-server-side-encryption
AES256
x-amz-request-id
JJTXHW959M67XRSP
x-amz-id-2
B8SETCTAzG7MIB2YBZdSMjl+soiwQ6ifaMJrxMJE6cji/2rd5/e+ogCYQW+V66YQhab2uYORBPc=
last-modified
Mon, 19 Jul 2021 18:09:34 GMT
server
cloudflare
etag
W/"828300d7648157655daefaaf401fe0f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
68aca02688182c42-FRA
expires
Tue, 07 Sep 2021 02:51:40 GMT
e5c17b17-7f43-4f69-ad3a-6b54578b1219.jpg
dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/e5c17b17-7f43-4f69-ad3a-6b54578b1219.jpg
Requested by
Host: cdn.marcopromos.com
URL: https://cdn.marcopromos.com/js/lazysizes.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8400:1b:9315:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
114aaebef117e4e94e93370053994867d46568ced72f584ec21b4e328e2c3a8e

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 09:14:21 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified
Mon, 04 Jan 2021 11:41:46 GMT
server
AmazonS3
age
322524
etag
"fe75b46b64d70825238c9d732a49f985"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3737
x-amz-cf-id
idSOerWpTJgyCik1J91Y6yPcPXX5HsLj2fkoj7nTfHcmVrtOlMaiHA==
expires
Thu, 11 Feb 2021 11:08:07 GMT
marco-promos-logo-tagline200129.jpg
cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.marcopromos.com/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/marco-promos-logo-tagline200129.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:8:4e36:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
494606aaf94197af743bb9412580e1bddd03796827a1dc5e242f6caba4f17ccd

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Apr 2021 16:33:41 GMT
server
AmazonS3
age
2853
etag
"e99e8e1c6c1a770973a3e886afcc4bd1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
date
Tue, 07 Sep 2021 02:26:06 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
12473
x-amz-cf-id
hodeH_OvVlOBmWri7odBtokSgvgp-YcfJg2QOctOYFEFAmI652bCag==
expires
Fri, 31 Dec 2021 14:46:27 GMT
2409a43c-cdfb-42ab-821c-b16acdd5c3ac.jpg
dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/2409a43c-cdfb-42ab-821c-b16acdd5c3ac.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8400:1b:9315:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dce9047268ed02350f6f4c82cef6dacd302b963345ec94f013eebf963fcc90d3

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 04:59:44 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
age
165001
x-amz-meta-sha256
dce9047268ed02350f6f4c82cef6dacd302b963345ec94f013eebf963fcc90d3
x-cache
Hit from cloudfront
content-length
1216
last-modified
Mon, 04 Jan 2021 12:03:17 GMT
server
AmazonS3
etag
"11d6701027d847479e7d6caabb69d7f6"
content-type
image/jpeg
expires
Thu, 11 Feb 2021 11:08:07 GMT
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
2_UohdAdNW-7o_o4KaGWIG0qrKnBsNgdISIm-eJ_kiuG69GaEbKRRA==
x-amz-meta-s3b-last-modified
20190927T141104Z
343d626a-9979-48ce-aa42-03a02c438204.jpg
dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/343d626a-9979-48ce-aa42-03a02c438204.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8400:1b:9315:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86eaa70c7f2a3e930221aea9db06dd13b2d994dcb0941556648bc93ad2ea30d3

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 20:12:56 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
age
542209
x-amz-meta-sha256
86eaa70c7f2a3e930221aea9db06dd13b2d994dcb0941556648bc93ad2ea30d3
x-cache
Hit from cloudfront
content-length
1048
last-modified
Mon, 04 Jan 2021 11:28:17 GMT
server
AmazonS3
etag
"512441dbbd31e9da47985dc0b1b18b98"
content-type
image/jpeg
expires
Thu, 11 Feb 2021 11:08:07 GMT
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
dwaREp6Tyurrvm4SAQjoCTj0HrhBM53lrkx8W0yzSUb2-mPUclXGew==
x-amz-meta-s3b-last-modified
20190927T141110Z
a06e51d4-71f8-4c2f-9d70-2899a11155bb.jpg
dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dki9zok8ilpi.cloudfront.net/09383499-F9CD-4BEF-BDD5-E906CA13DE31/StaticImages/a06e51d4-71f8-4c2f-9d70-2899a11155bb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8400:1b:9315:9980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f98a9b41ef3174d6c09d3467f91a8e0795e6ef8d0f9eeeee234fe332317ac57

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 20:12:56 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
age
542209
x-amz-meta-sha256
4f98a9b41ef3174d6c09d3467f91a8e0795e6ef8d0f9eeeee234fe332317ac57
x-cache
Hit from cloudfront
content-length
1383
last-modified
Mon, 04 Jan 2021 12:06:39 GMT
server
AmazonS3
etag
"5e8aada6ff472cd7ae0b9d3352766453"
content-type
image/jpeg
expires
Thu, 11 Feb 2021 11:08:07 GMT
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
VsXdJegXr7zvuG1eVfqAmtQRN0VDkPOj0B0y5GxpFO9Qvp-EGWMMDw==
x-amz-meta-s3b-last-modified
20190927T141016Z
0
bat.bing.com/action/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4020823&tm=gtm002&Ver=2&mid=e0d86e42-b8e8-4554-b79e-47f77695131b&sid=41e9b9200f8611ec8388f98642c97370&vid=41ea0ab00f8611ec83e8cf8175fe6dd6&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Drop%20Ship%20Promotional%20Items%20%7C%20MARCO%20Promos%E2%84%A2&p=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&r=&lt=2343&evt=pageLoad&msclkid=N&sv=1&rn=597398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Sep 2021 02:49:44 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 6357281B68E444B18412D59A1C43EC41 Ref B: FRAEDGE1520 Ref C: 2021-09-07T02:49:44Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.32d4d6c361d45587f461.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.32d4d6c361d45587f461.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1152087.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06009f7eeb9f8524ea331e672cab99b44167badae53c6ac33aadc4d29b42b1e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
405159
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59572
access-control-allow-origin
*
last-modified
Thu, 02 Sep 2021 10:16:34 GMT
etag
"3160769f38fdb6aa7f9b79e9033d46a8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
GnirL1h1snnYyBLFzVicSTTAz9vjq8E5PmxN4CxN7JPKVL4l9N02iA==
__ptq.gif
track.hubspot.com/ 		45 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=651832833&v=1.1&a=9410333&rcu=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service&pu=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&t=Drop+Ship+Promotional+Items+%7C+MARCO+Promos%E2%84%A2&cts=1630982984785&vi=d9dcefcdd514a48d11ee85d111c9e8af&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
43c13509-191a-4478-ab73-df09320ead86
cf-ray
68aca026cd514e1f-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZZnaj5vSLV9BE11ghVSebk9iUYkxTGPeiVNGWE%2FqXAFyHECVLfHFHiWCimanFMdz3fs46UwFvWELZ1TYLql%2FBaTehDEPx4YmRVm3BP%2B2qXqKJ3uotPVwRARyddRAO1mJxMKqjiM1WQ1X75PHVuS"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
view
js.hs-banner.com/cookie-banner/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Protocol
H2
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.marcopromos.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 07 Sep 2021 02:49:45 GMT
content-type
application/octet-stream
content-length
0
access-control-allow-origin
https://www.marcopromos.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68aca026eb9842fd-FRA
view
js.hs-banner.com/cookie-banner/activity/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/9410333.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Tue, 07 Sep 2021 02:49:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
300f5a01-45cb-443e-a627-9b5482a2a2c8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.marcopromos.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
68aca0293f2142fd-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8132 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1152087.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.marcopromos.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.marcopromos.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
7aUC_p_MMR-ddt9NKmo8_NepAjZbX85IowFmPkHN9F7L3eiG0UMWcg==
age
4415594
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:49:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
5be8150b-2257-4c6f-8b70-cb930b28e243
x-trace
2BF9E6919EAFACBC947AB7953A09791EC469126EC5000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
68aca0271cfc2b95-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35
x-robots-tag
none
/
www.facebook.com/tr/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary14bgS7dhyT0sooe2

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 07 Sep 2021 02:49:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.marcopromos.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38VC48
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
168
date
Tue, 07 Sep 2021 02:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 07 Sep 2021 04:46:57 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: d15n7r04.na1.hubspotlinks.com
URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 07 Sep 2021 02:27:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1317
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
xlRJFCMFJO/NGRLu0yauoqZKB5OZ1RxCe3Dxs9LOAkPwW3qpOOFbrvcl3JLVpXo440vlt9bezNc=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
QCMH4EA5JXPJE1ZW
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1503
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 07 Sep 2021 03:24:42 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1507
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 07 Sep 2021 03:24:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-554630-9&cid=282788873.1630982985&jid=126652430&gjid=47793103&_gid=1652619297.1630982985&_u=aGBAgEArAAAAAE~&z=750925651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Sep 2021 02:49:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.marcopromos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1659110689&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marcopromos.com%2Finfo%2Fpromo-pack-ship-service%3Fcode%3DE0921-04%26utm_campaign%3DContent%25202021%26utm_medium%3Demail%26_hsmi%3D155544580%26_hsenc%3Dp2ANqtz-8Pn73pXJdNppgJhRvCX8zHvRV9HesClkJ6npzL46_OHNczDTJZKx-uE350DVx_3sS3SwpiNCsNCJjKg2mgLiMjal4LHYuPhYAGsph0dSvDYptpWq0%26utm_content%3D155544580%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Drop%20Ship%20Promotional%20Items%20%7C%20MARCO%20Promos%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAr~&jid=126652430&gjid=47793103&cid=282788873.1630982985&tid=UA-554630-9&_gid=1652619297.1630982985&gtm=2wg910T38VC48&cd9=no_freebie_variable&z=489543566
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 22:02:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17223
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
10029722.json
s.yimg.com/wi/config/ 		2 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10029722.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 02:17:46 GMT
x-content-type-options
nosniff
age
1920
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
TJEWMD6QPC80Q0VF
x-amz-id-2
1ueyIo7e+Trt/d24WaRSRlU/KNAVYOeDg2tnFfS1/z4U02sFwsQZoYDjUPie/dNVfsZs3FduF9s=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-554630-9&cid=282788873.1630982985&jid=126652430&_u=aGBAgEArAAAAAE~&z=2033746349
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 02:49:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-554630-9&cid=282788873.1630982985&jid=126652430&_u=aGBAgEArAAAAAE~&z=2033746349
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marcopromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 02:49:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ewt boolean| prerenderReady object| dataLayer object| __cfQR object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| fbq function| _fbq object| meta object| _yieldify function| UET function| UET_init function| UET_push object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| hj object| _hjSettings function| getFreebieCookie function| setFreebieCookie function| checkFreebieCookie function| deleteEverything boolean| UseS3BucketForCustomElement number| priorityElemsThreshold function| gtag string| layoutname function| genSetCookie function| readGenCookie function| gaTrack function| gaTrackPOS function| showRecycleSymb function| closeRecycleSymb function| closePopLayer string| FirstName object| UserEmail undefined| isFromCheckout string| _PromoCookieDetails function| GetParameterValues function| SavePromotionCookieDetails function| SaveThankyouCookieDetails object| tokens function| callApi function| SetCookie function| ReadCookie function| getRefererCode function| IsRefererCodeExists function| gclidGetParam object| gclid object| msclkid string| markCode undefined| gclsrc string| wyhh boolean| isSafari function| showIncompatible string| _referrer string| marketingCode string| cookiedetails function| getcd undefined| cd string| UserGuid string| SessionGuid string| currencysymbol string| defaultlanguageguid string| defaultcurrencyguid string| currencyguid string| languageuid string| websiteguid string| SaaS_Product_Microservice_Url string| SaaS_ProductListing_Microservice_URL string| SaaS_Analytics_Microservice_URL string| SaaS_Basket_Microservice_URL string| WebsiteURL string| cdnURL string| SaaS_ProductAdmin_Microservice_Url string| SiteCssVersion object| staticAPIs object| lowPriorityElems object| backgroundAPIs object| fetchStartTime object| duplicateAPIs boolean| forceRemoteFetch string| randomQSParam object| apiTable object| perArr number| psuedoPercent number| perIntervalID boolean| priorityElemsReady boolean| localStorageEnabled boolean| errorLogging boolean| visualErrorLogging string| a undefined| _errLogging undefined| _visualErrLogging undefined| old undefined| logger undefined| debugMode undefined| debugGUI undefined| _debugMode undefined| toggleBtn undefined| ico1 undefined| ico2 undefined| _debugGUI undefined| guiDIVstyle undefined| guiDIV undefined| devApiList undefined| _forceRemote function| createElem function| updateDevGUI function| apiResponse function| createHeaderFooter undefined| Layout function| ShowModalPopUp function| ShowMyModalPopUp function| HideModalPopUp function| htmlEncode function| htmlDecode undefined| _openPopupCount function| popupV2 function| closePopupV2 function| HitCount undefined| WEBSITEGUID undefined| LANGUAGEGUID function| getUrlVars function| SaveCampaignAnalytics function| $ function| jQuery function| GetBasketViewPopup function| GetbasketView function| AddToWishList function| RemoveProductFromWishList function| CallAddToWishList function| RemoveFromWishList boolean| IsLoginWishListStatus string| bucketUrl string| pageName function| sha512 function| sha384 function| sha512_256 function| sha512_224 boolean| mCustomScrollbar object| lazySizes function| PresentionButtonCount function| FilterPresentionButtonCount function| catalogPresentationNotification function| IsUserLogIn function| GenerateCatalogGuid function| setCookiePresentation function| getCookie function| checkCookie function| ClearPresentation function| EncodeProductcode function| DecodeProductcode function| replaceAllProdPresentation function| escapeRegExpProdPresentation undefined| ProductGUIds undefined| products boolean| __cfRLUnblockHandlers string| ewt_host string| ewt_page_key object| _hsp object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _hsq object| _paq function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded boolean| _hspb_ran boolean| _hspb_loaded object| __hsCollectedFormsDebug string| GoogleAnalyticsObject function| ga object| dotq object| links object| gaplugins object| gaGlobal object| gaData object| YAHOO string| t string| r string| k

3 Cookies

Domain/Path Name / Value
.marcopromos.com/ Name: _fbp
Value: fb.1.1630982984454.1605855864
.marcopromos.com/ Name: _gcl_au
Value: 1.1.1600927179.1630982984
www.marcopromos.com/ Name: LoginDetails
Value: hnCEe5Ow0rv%2FSXwuAUxgop6egDQYnd5i2910kni4Z1Cg1y9VSg7f9iqZ68jn1R%2Fbqb2udgg%2BD3xWrzCSRpnmuG4alO%2BYjwSZn%2BD%2BiluuitDtT6eQAC5t%2BMqn7nHzVSZT1ooD5fhkO3N4pjCRrIMuuXsqss5%2Bv55faTl9t7SgURR8N4cxohhT%2FWVXzCygTJBx3FVw0nGZuPxNTURv62NCcKKcWMVikMkPJUvIqTN6nAAeK9em11q6RaOy0bdsb0JJHgoYvUZOFUaX%2BysFU%2Blmthgy9HGIyqWbThlIevfknvWiGk3nPWLKp89IX%2FFUUmXkAU3NrtPC4UxVuBB3gwDS2%2FgrrPtxQfdNa68AIk%2FteIAj0e%2Fj%2BXSsYGdPeEkMBxZs3BHevJ3K%2B53HkZ0mWvCkOHSaUK1tdJ2UQceEfur4Vby%2B2Mu4Ku1%2BbccT%2Bb6hQ4RY3DSKwAXNvxxqF4dWZB8GMrx7X0O2rvzX0By8vvJfkLhw%2BwbieZ54U9HXfunfV5Aik%2B21IhEQbTTiNU3WDpytpSX59ArUjgHJEw%2BmHAW39OLCPlrntOl%2B%2FJOB9zpXy6%2FrWVWe43lJj3ctQU3PIKkciReLqpl73qSD%2BigQPxXSw4LzeTVNKzyX%2FsXIrEaO0QXHRelI4uhrhuAf67nWZsZIxx0RbF6BZK1JDxnN3EWk1cKW%2BOuKzcIWz2zW37Rs2TpZTAY%2FIrokF94mYeGF1FshBacNwKfVuspEm%2BDsu9rgg%2Bhut%2FgfIiKoKr4XUFuhGCg4tl3l4%2BS2vJKmq8iuz4AcvVGSKOjVJ06wUiuZCKIco6MESDhuhPtLLXszYfT6riYDgXt2%2BgaGqni9AAxnBan88o0xerjSe0BnaNL7tdQbNqqr349dbfbRr32BIG3REnyArpU1h4P59Nh6RkzwTFD34BLOtiv9l%2FDeEyaCf1OkdwTJ2ysuMRGSOHymXXzubE1V92s1vHmKxnjRr711j9Qzr5jKn8%2BEU9H%2FY2MQk8MfgiJdFYlBzW%2F7QK2LZa%2BGMIW33eiuLcOy4SuK3Zecw0dknUGAVmkCuuIiuQfU7QZgwe0%3D

8 Console Messages

Source Level URL
Text
console-api debug URL: https://d15n7r04.na1.hubspotlinks.com/Btc/DN+113/d15N7r04/VVPYzY6QNdqSW3zPSR55JrmhHW178YCN4x2RQ_N1h3yrL3q90JV1-WJV7CgVWVW7YB0FD34MjSLW4chHr_700-BWW4Gdcpz5VkZkjW75JCJb8HH-PbN8LK4Y7bQSCNVl1BWp6KCqPrW4q6nry2mx4xkN2CWBbPsm-M9W5rcxlN2Zk1qlW3pVS7S56JJ7_W2KXRzF5kC1gkW8WqBTL7PKMdqW1sqnZZ4qhG1cW7PSqPT5jMNb6W31jvhm4t_WbzW6dhdRw2FPl59N7r9VfZm_LJhW4NgCrc4DWWk7W5c7YrC7CymYcW8T4_4D7_zsN8W6z1fZ91MKYZlVSTWn069CWwJW5RQX352ty07xVvMbx831rhvbW5g7NVZ3rMGCXN6QsMSVrn9sZN7khnL431qj-V9pdzf5zpspJ3fWy1(Line 13)
Message:
toS
console-api log (Line 37)
Message:
safari: false
console-api log (Line 53)
Message:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
console-api log (Line 114)
Message:
marketingCode:
console-api log (Line 1)
Message:
window.location.host: www.marcopromos.com
console-api log URL: web_service/layout.cshtml.js(Line 34)
Message:
FirstName: null
console-api log URL: web_service/layout.cshtml.js(Line 35)
Message:
UserEmail: null
console-api log URL: https://cdn.marcopromos.com/js/web-bundle2.js?V=01092021094925(Line 43)
Message:
staticpage

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.marcopromos.com
connect.facebook.net
custom.yieldify.com
d15n7r04.na1.hubspotlinks.com
dki9zok8ilpi.cloudfront.net
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
s.yimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.yieldify.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.marcopromos.com
www.pages03.net
www.sc.pages03.net
13.226.155.68
142.250.185.194
151.101.12.233
151.101.192.233
18.66.112.30
18.66.112.6
18.66.97.49
2600:9000:2182:8400:1b:9315:9980:21
2600:9000:223f:cc00:8:4e36:8300:93a1
2606:4700:10::ac43:106d
2606:4700::6810:5605
2606:4700::6811:46b0
2606:4700::6811:80ab
2606:4700::6811:d6cc
2606:4700::6812:15bf
2606:4700::6812:1e69
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
74.121.50.17
027c41a0adf0e1d091b589e063e86824381faa6cee6deb5275069fff3333b41a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06009f7eeb9f8524ea331e672cab99b44167badae53c6ac33aadc4d29b42b1e9
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114aaebef117e4e94e93370053994867d46568ced72f584ec21b4e328e2c3a8e
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
494606aaf94197af743bb9412580e1bddd03796827a1dc5e242f6caba4f17ccd
4bb4257efa5fc4152a10d501cb459ef515835d8dd07e3616b726516fd4c3ae20
4f98a9b41ef3174d6c09d3467f91a8e0795e6ef8d0f9eeeee234fe332317ac57
513a8d65184bb833d3efa308750fd249a76ab649d81ccb9b5b1a7a6de5cbbdc6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
678d8939722a3a477adf146780b32650e7ef13b2be47f278918349dfa1239b40
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4a05aeb962f91e74f0e48cb78dcb24322fb1deacc348e87db098f98fc6c966
6cb255fd5df24e2788ac5475bb7da3a32d55b5c759dbb031c5d251dec6da5c7c
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a97ca3fe2d3c44d4073f777aa36952f6ad5366d28e22e64b0281ad01c1fdbe9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86eaa70c7f2a3e930221aea9db06dd13b2d994dcb0941556648bc93ad2ea30d3
8c684a8852d71857b17051d684ab9d4236a3a28f8dd2ff2f4dbdf54ca16fdd72
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ed5a84313e36a1c56bafc99a40dd75908e60ea9872fcaae901ce762da3597fd
917401af2cad86d776c7b3c8bfea34d2f6bcc4ea3de1b62407acb952b6d26dcd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a44484ecc8b7aa5da1603d6a7256d3eea3c5c8e5c6f50bcdb220b303e4b2010a
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
acd82ecf1cd6b4172ca2e21a6f5518771bd2607eaf6d41c0f755d05c40b79dd0
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bd5f812e0825d32f5132f5242617a57b1a3d275b1e82d0ed253a4479c219361b
bf642dd3b128e98a08293ff9b92ce4db903f7e67b8190b9c42e3386cb35fba0f
c384b4a3885cedee12ffe9c15daf9e72cbc46c9ec2c7f46f40e25c96b8e3e035
c814ca500e172d8691630ef040cf582e926b21b68189abfb6d398f8570f0e65a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfc0a2fed6070df07041c36ae476a0f592b7ab5b5af8cc8e063eb9376029cd8a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dce9047268ed02350f6f4c82cef6dacd302b963345ec94f013eebf963fcc90d3
dd640b863e9828651a6bc0b7dc065ace9f27b65824e1d923965f294a028e3c06
df2211f0b9aaa190b99b2f7ec86cc20132c3f3d4ee1e8f10baa59e1a9e5a9f5e
e04dc0e3780b33c759f90a59ebba6665cfe79bf732d90cef831fc83309934f57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10de3a31ecefe366e3be44123b3cad721ab3b9238f7dd4c654792347dbfa93e
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62