urlscan.io logo urlscan.io
SecurityTrails logo

promotion.igetpromotional.com Open in urlscan Pro
157.230.124.215  Public Scan

Go To Rescan Add Verdict Report
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Submission: On September 15 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 157.230.124.215, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is promotion.igetpromotional.com.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.
This is the only time promotion.igetpromotional.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 157.230.124.215 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 49.13.70.154 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
19 4
Apex Domain
Subdomains		 Transfer
12 igetpromotional.com
promotion.igetpromotional.com
622 KB
5 gstatic.com
fonts.gstatic.com
71 KB
1 jqueryviews.info
cdn.jqueryviews.info
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
1 KB
19 4
Domain Requested by
12 promotion.igetpromotional.com promotion.igetpromotional.com
5 fonts.gstatic.com fonts.googleapis.com
1 cdn.jqueryviews.info promotion.igetpromotional.com
1 fonts.googleapis.com promotion.igetpromotional.com
19 4

This site contains no links.

Subject Issuer Validity Valid
promotion.igetpromotional.com
R3		 2023-09-11 -
2023-12-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cdn.jqueryviews.info
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Frame ID: 4EA45E54634B475B07CD6F5C8662FF75
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Temu Gizemli kutu

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

695 kB
Transfer

709 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promotion.igetpromotional.com/o/HIRb5/ 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
48158b51b71a86feb825462dde71464209ad087bfdf668822cd0c1f9db0e25fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Sep 2023 13:15:40 GMT
Server
openresty
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 13:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 12:37:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 13:15:41 GMT
index.css
promotion.igetpromotional.com/media/HIRb5/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promotion.igetpromotional.com/media/HIRb5/index.css?v=1
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
c1ef0dc1ed825598db9bb1e09dd2f80eec32b416f92906b2d104f27e1db5ae2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-485e"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18526
Expires
Sun, 15 Oct 2023 13:15:41 GMT
jquery-3.6.0.min.js
promotion.igetpromotional.com/media/HIRb5/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promotion.igetpromotional.com/media/HIRb5/jquery-3.6.0.min.js
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
7449786e66946f4f3f335c7045263667c08973562029bbdfc40774af89ff0f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-15d54"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89428
Expires
Sun, 15 Oct 2023 13:15:41 GMT
stars.png
promotion.igetpromotional.com/media/HIRb5/ 		499 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/stars.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
5575d813bea3f854b3d892ac67e2fbfc75147569bff1f2c308ea20cfe7f7cc04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-1f3"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
499
Expires
Sun, 15 Oct 2023 13:15:41 GMT
s1.png
promotion.igetpromotional.com/media/HIRb5/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/s1.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
0b247224ebb32433f3fdddca319cf86ac645b083451c3edca1b56c4b842ef910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-21bc3"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138179
Expires
Sun, 15 Oct 2023 13:15:41 GMT
s2.png
promotion.igetpromotional.com/media/HIRb5/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/s2.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
967e2110bc6c1c24a709535e294e46b92af829ea969ba1249eabaa709be4309d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-165a1"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91553
Expires
Sun, 15 Oct 2023 13:15:41 GMT
s3.png
promotion.igetpromotional.com/media/HIRb5/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/s3.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
11231fe99daa4af5aa374d90a2e25d94dc2c9b7face1d8043c8d504e72afcad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-179bd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96701
Expires
Sun, 15 Oct 2023 13:15:41 GMT
s4.png
promotion.igetpromotional.com/media/HIRb5/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/s4.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
13eccad74f890bf1e8ea8f80eb4cf8aa1680e09fa1fb1e29aedb9f4e6a5d3be1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-1ab5c"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109404
Expires
Sun, 15 Oct 2023 13:15:41 GMT
s5.png
promotion.igetpromotional.com/media/HIRb5/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/s5.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
1fd24791133a613496b3c7163c6b3e0706aecc08ba49ba1f021cd4993cd684ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-1041c"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66588
Expires
Sun, 15 Oct 2023 13:15:41 GMT
paycards.png
promotion.igetpromotional.com/media/HIRb5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/paycards.png
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
149b11a8033028603d3490819fd1a6601ad0d75d75498f1aa6c9dc5c4ac88b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-225c"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8796
Expires
Sun, 15 Oct 2023 13:15:41 GMT
index.js
promotion.igetpromotional.com/media/HIRb5/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promotion.igetpromotional.com/media/HIRb5/index.js?v=1
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
74fd5aadc741b8d67e500317d31f74e63909881c8f7070dcdeb306e920cf5187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-1e7a"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7802
Expires
Sun, 15 Oct 2023 13:15:41 GMT
bootstrap-core.js
cdn.jqueryviews.info/o/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jqueryviews.info/o/bootstrap-core.js?hash=${btoa(e.location.href)}
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/media/HIRb5/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.13.70.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.154.70.13.49.clients.your-server.de
Software
openresty /
Resource Hash
8f97a2b67a03b39b2e8158d2451c4d477640ab95332835c417d6efe21531cb09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Server
openresty
Connection
keep-alive
Content-Length
1421
Content-Type
application/javascript
tr.svg
promotion.igetpromotional.com/media/HIRb5/ 		287 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promotion.igetpromotional.com/media/HIRb5/tr.svg
Requested by
Host: promotion.igetpromotional.com
URL: https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.124.215 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
f15da84b4e5b23f54b8177126f5711e6fd0db8d26a1b0d3cf7901d0aa8e6b7b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotion.igetpromotional.com/o/HIRb5/?ha_vid=33d0e57a50e04b41925ea950c919b8c9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 13:15:41 GMT
Last-Modified
Tue, 12 Sep 2023 13:12:56 GMT
Server
openresty
Etag
"650063d8-11f"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
287
Expires
Sun, 15 Oct 2023 13:15:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promotion.igetpromotional.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
32929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promotion.igetpromotional.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
517102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promotion.igetpromotional.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
556832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:35:09 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promotion.igetpromotional.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:36:54 GMT
x-content-type-options
nosniff
age
545927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 05:36:54 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promotion.igetpromotional.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 11:44:36 GMT
x-content-type-options
nosniff
age
264665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 11:44:36 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| scrollToTop function| handleScroll function| dateJoin

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jqueryviews.info
fonts.googleapis.com
fonts.gstatic.com
promotion.igetpromotional.com
157.230.124.215
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
49.13.70.154
0b247224ebb32433f3fdddca319cf86ac645b083451c3edca1b56c4b842ef910
11231fe99daa4af5aa374d90a2e25d94dc2c9b7face1d8043c8d504e72afcad0
13eccad74f890bf1e8ea8f80eb4cf8aa1680e09fa1fb1e29aedb9f4e6a5d3be1
149b11a8033028603d3490819fd1a6601ad0d75d75498f1aa6c9dc5c4ac88b9e
1fd24791133a613496b3c7163c6b3e0706aecc08ba49ba1f021cd4993cd684ca
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
48158b51b71a86feb825462dde71464209ad087bfdf668822cd0c1f9db0e25fe
5575d813bea3f854b3d892ac67e2fbfc75147569bff1f2c308ea20cfe7f7cc04
7449786e66946f4f3f335c7045263667c08973562029bbdfc40774af89ff0f70
74fd5aadc741b8d67e500317d31f74e63909881c8f7070dcdeb306e920cf5187
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
8f97a2b67a03b39b2e8158d2451c4d477640ab95332835c417d6efe21531cb09
967e2110bc6c1c24a709535e294e46b92af829ea969ba1249eabaa709be4309d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c1ef0dc1ed825598db9bb1e09dd2f80eec32b416f92906b2d104f27e1db5ae2a
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
f15da84b4e5b23f54b8177126f5711e6fd0db8d26a1b0d3cf7901d0aa8e6b7b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615