promo.com Open in urlscan Pro
172.64.149.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://promo.com/
Effective URL:
https://promo.com/
Submission: On November 15 via manual (November 15th 2024, 6:31:49 am UTC) from IN — Scanned from US

Summary HTTP 149 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 39 IPs in 1 countries across 26 domains to perform 149 HTTP transactions. The main IP is 172.64.149.202, located in San Francisco, United States and belongs to . The main domain is promo.com.
TLS certificate: Issued by E5 on November 2nd 2024. Valid for: 3 months.

This is the only time promo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 29	172.64.149.202 172.64.149.202	() ()
21	172.64.148.114 172.64.148.114	() ()
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a02:6ea0:c40... 2a02:6ea0:c400::54	60068 (CDN77 _) (CDN77 _)
1	52.85.132.26 52.85.132.26	16509 (AMAZON-02) (AMAZON-02)
2	108.138.64.19 108.138.64.19	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	18.160.41.112 18.160.41.112	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:600... 2a04:4e42:600::84	54113 (FASTLY) (FASTLY)
2	18.160.10.63 18.160.10.63	() ()
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
4	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:5::17c7:3716	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.72.157 199.232.72.157	54113 (FASTLY) (FASTLY)
1	108.138.64.83 108.138.64.83	16509 (AMAZON-02) (AMAZON-02)
6	23.220.128.196 23.220.128.196	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.73.207.15 23.73.207.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.167.56.55 3.167.56.55	16509 (AMAZON-02) (AMAZON-02)
5	172.253.115.103 172.253.115.103	15169 (GOOGLE) (GOOGLE)
4	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	172.253.115.100 172.253.115.100	15169 (GOOGLE) (GOOGLE)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
6	3.219.104.53 3.219.104.53	() ()
5	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.154.227.129 18.154.227.129	16509 (AMAZON-02) (AMAZON-02)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4	2600:1f14:5db... 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4	() ()
1	2600:1408:c40... 2600:1408:c400:1d::17d4:fa58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4004:c17::54	15169 (GOOGLE) (GOOGLE)
2	99.83.231.3 99.83.231.3	() ()
5	44.209.155.11 44.209.155.11	14618 (AMAZON-AES) (AMAZON-AES)
1	107.178.240.159 107.178.240.159	() ()
149	39

29 172.64.149.202 (San Francisco, United States) 2 redirects

ASN- ()

promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.64.148.114 (San Francisco, United States)

ASN- ()

ak03-promo-cdn.slidely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ak01-promo-cdn.slidely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ak04-promo-cdn.slidely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ak03-cdn.slidely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ak02-promo-cdn.slidely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6ea0:c400::54 (New York, United States)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-26.iad50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.64.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-19.iad12.r.cloudfront.net

js.iterable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.10.63 (United States)

ASN- ()
PTR: server-18-160-10-63.iad12.r.cloudfront.net

lift-ai-js.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::71 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:5::17c7:3716 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.72.157 (Kansas City, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-83.iad12.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.220.128.196 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-128-196.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.73.207.15 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-73-207-15.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-55.iad61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.115.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f100.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.219.104.53 (Ashburn, United States)

ASN- ()
PTR: ec2-3-219-104-53.compute-1.amazonaws.com

visitor-scoring-new.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.227.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-129.iad55.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4 (Boardman, United States)

ASN- ()

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:1d::17d4:fa58 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.231.3 (United States)

ASN- ()
PTR: afe865822f884bb48.awsglobalaccelerator.com

eps.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.209.155.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-155-11.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (Kansas City, United States)

ASN- ()
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	promo.com 2 redirects promo.com	547 KB
21	userway.org cdn.userway.org — Cisco Umbrella Rank: 4098 api.userway.org — Cisco Umbrella Rank: 4021 cdn77.api.userway.org — Cisco Umbrella Rank: 8296	375 KB
21	slidely.com ak03-promo-cdn.slidely.com ak01-promo-cdn.slidely.com ak04-promo-cdn.slidely.com ak03-cdn.slidely.com ak02-promo-cdn.slidely.com	807 KB
10	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 td.doubleclick.net — Cisco Umbrella Rank: 231 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	10 KB
10	google.com analytics.google.com — Cisco Umbrella Rank: 170 www.google.com — Cisco Umbrella Rank: 4 google.com — Cisco Umbrella Rank: 1 accounts.google.com — Cisco Umbrella Rank: 26	87 KB
8	marketlinc.com lift-ai-js.marketlinc.com — Cisco Umbrella Rank: 67728 visitor-scoring-new.marketlinc.com — Cisco Umbrella Rank: 73818	13 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 404 www.linkedin.com — Cisco Umbrella Rank: 705 px4.ads.linkedin.com — Cisco Umbrella Rank: 6892	4 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1012	4 KB
6	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2903 api-iam.intercom.io — Cisco Umbrella Rank: 3185	13 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	424 B
5	6sc.co j.6sc.co — Cisco Umbrella Rank: 6855 c.6sc.co — Cisco Umbrella Rank: 8270 ipv6.6sc.co — Cisco Umbrella Rank: 6936 eps.6sc.co — Cisco Umbrella Rank: 10972	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	150 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	321 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 397	15 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3757	287 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1269	25 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1083 script.hotjar.com — Cisco Umbrella Rank: 1463	62 KB
2	iterable.com js.iterable.com — Cisco Umbrella Rank: 107133	4 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2743	368 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1085	394 B
1	t.co t.co — Cisco Umbrella Rank: 872	626 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1236	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1142	14 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5306	19 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5918	8 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 743	7 KB
149	26

	Domain	Requested by
29	promo.com	2 redirects promo.com ak01-promo-cdn.slidely.com ak04-promo-cdn.slidely.com static.cloudflareinsights.com
15	cdn.userway.org	promo.com cdn.userway.org
8	ak01-promo-cdn.slidely.com	promo.com
6	visitor-scoring-new.marketlinc.com	lift-ai-js.marketlinc.com
6	ct.pinterest.com	s.pinimg.com
5	api-iam.intercom.io	js.intercomcdn.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	www.facebook.com	connect.facebook.net
5	www.google.com	www.googletagmanager.com
5	td.doubleclick.net	www.googletagmanager.com
5	ak04-promo-cdn.slidely.com	promo.com ak01-promo-cdn.slidely.com
4	api.userway.org	cdn.userway.org
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	connect.facebook.net	ak04-promo-cdn.slidely.com connect.facebook.net
4	www.googletagmanager.com	promo.com www.googletagmanager.com
3	ak02-promo-cdn.slidely.com
3	bat.bing.com	promo.com bat.bing.com
3	ak03-cdn.slidely.com	promo.com
2	cdn77.api.userway.org	cdn.userway.org
2	eps.6sc.co	j.6sc.co
2	accounts.google.com	ak04-promo-cdn.slidely.com accounts.google.com
2	js.intercomcdn.com	widget.intercom.io
2	analytics.google.com	www.googletagmanager.com
2	lift-ai-js.marketlinc.com	promo.com lift-ai-js.marketlinc.com
2	s.pinimg.com	promo.com s.pinimg.com
2	js.iterable.com	promo.com
2	ak03-promo-cdn.slidely.com	promo.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	j.6sc.co	lift-ai-js.marketlinc.com
1	widget.intercom.io	promo.com
1	static.ads-twitter.com	promo.com
1	snap.licdn.com	promo.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.mxpnl.com	ak04-promo-cdn.slidely.com
1	static.hotjar.com	promo.com
1	widget.trustpilot.com	promo.com
1	static.cloudflareinsights.com	promo.com
149	45

This site contains links to these domains. Also see Links.

Domain
support.promo.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
vimeo.com
fixthephoto.com
www.producthunt.com
triplescoopmusic.com
apps.shopify.com
www.pinterest.com

Subject Issuer	Validity	Valid
promo.com E5	`2024-11-02` - `2025-01-31`	3 months	crt.sh
ak03-promo-cdn.slidely.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
ak01-promo-cdn.slidely.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
ak04-promo-cdn.slidely.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
ak03-cdn.slidely.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
iterable.com Amazon RSA 2048 M03	`2024-03-23` - `2025-04-20`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.marketlinc.com Amazon RSA 2048 M03	`2024-01-05` - `2025-02-02`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-24` - `2024-11-22`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
ak02-promo-cdn.slidely.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
6sc.co R10	`2024-09-23` - `2024-12-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
accounts.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
eps.6sc.co Amazon RSA 2048 M03	`2024-08-27` - `2025-09-25`	a year	crt.sh
1784939676.rsc.cdn77.org E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://promo.com/
Frame ID: 1B6F6825A820E01A7546506866788391
Requests: 122 HTTP requests in this frame

Frame: https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js
Frame ID: 3BAB8DF49173B1DEBA5CCED94A50B993
Requests: 5 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-115YEV4FHZ&gacid=1334172061.1731652294&gtm=45je4bc0v9178168010za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=713171408
Frame ID: 3074122CB8824B9A29384BEF47A017FA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/854658101?random=1731652294785&cv=11&fst=1731652294785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 97F0EB05940EC41A98E1918CA6A621EB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/854658101?random=1731652294838&cv=11&fst=1731652294838&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed
Frame ID: E423727AF7B4D76FB5276AEEB205279B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/854643498?random=1731652294867&cv=11&fst=1731652294867&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6E3E6D4A8B3F893CFE8916E816F17B1D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/854643498?random=1731652294915&cv=11&fst=1731652294915&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed
Frame ID: 3F37A196DE8B0393AC9AFC9D5F4B6922
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo.com
Frame ID: 550C40E32E47C1CDD0BDF5CD6A8C8A73
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 8BA594AFF508BF04BC4B138BDDD0F861
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.83414ee1.js
Frame ID: B86E90EEF1AD66F344858C7E03026EAC
Requests: 8 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Frame ID: 812BE595B1B20FBDB6FF820403BE97CF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Frame ID: 2BC965653EC9BDF7ABAAA4E402F9929D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Promo AI Video Maker by Promo.com - Fast, Simple, Free

Page URL History Show full URLs

http://promo.com/ HTTP 307
https://promo.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

149
Requests

98 %
HTTPS

36 %
IPv6

26
Domains

45
Subdomains

39
IPs

1
Countries

2806 kB
Transfer

10627 kB
Size

40
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://support.promo.com/en
Title: Knowledge base

Search URL Search Domain Scan URL

URL: https://www.facebook.com/promodotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/promodotcom
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/promodotcom/mycompany
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Promodotcom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0d_7BlGBgDcf62o766FkPQ/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://vimeo.com/promobyslidely
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://fixthephoto.com/promo-video-maker-review.html
Title: Read more

Search URL Search Domain Scan URL

URL: https://fixthephoto.com/
Title: fixthephoto.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/business/partner-directory/details?id=506062503095739

Search URL Search Domain Scan URL

URL: https://www.producthunt.com/posts/promo

Search URL Search Domain Scan URL

URL: https://triplescoopmusic.com/

Search URL Search Domain Scan URL

URL: https://support.promo.com/en/
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://www.facebook.com/business/partner-directory/details?id=506062503095739&
Title: 3AF09622-8C22-4B09-AB8C-18C70844F431 Created with sketchtool.

Search URL Search Domain Scan URL

URL: https://apps.shopify.com/promo-com-promo-video-maker
Title: 1E1D15AB-8FAE-4E46-B523-4D2DC10BC8F8 Created with sketchtool.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/promodotcom
Title: 726B79B1-8C2A-4F70-A268-1986C25FB5D3 Created with sketchtool.

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/meetpromo
Title: 10969483-CE1F-4CC8-A6B7-01DE9DED223F Created with sketchtool.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://promo.com/ HTTP 307
https://promo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js

Request Chain 54

https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js

Request Chain 98

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D650500%26time%3D1731652295010%26li_adsId%3D600bbd35-4474-497f-9518-48fe172dd9a9%26url%3Dhttps%253A%252F%252Fpromo.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKlfAIvpxi8VQAAAZMuhRr4CWiPhOs5NhXQf8wgR_VTRjewRaCkhp1V8G4jd7Ex7E1vHA

149 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
promo.com/
Redirect Chain

http://promo.com/
https://promo.com/

854 KB
146 KB

257ms
169ms

Document
text/html

172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

56e8d7a778678aeb0d4650bdc4d894afd8531dac4fac354aa7d40e0238af8a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e2d32efeb2fe9f1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Nov 2024 06:31:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="CAO PSA OUR"
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfExtPri
x-content-type-options: nosniff
x-frame-options: sameorigin
x-trace-id: a79c51b7e1d089fd45b4defd72af7a75
x-xss-protection: 1; mode=block

Redirect headers

Location: https://promo.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 recaptcha-popup.scss
ak03-promo-cdn.slidely.com/1731579940/scss/applications/promoVideos/ 200 B
653 B 309ms
152ms Stylesheet
text/css 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak03-promo-cdn.slidely.com/1731579940/scss/applications/promoVideos/recaptcha-popup.scss

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cb981ef275981b663756d5edc3daa8fb670593df052ca520a9ddb3e0b9ed2c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expires: Thu, 13 Nov 2025 13:47:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: text/css;charset=UTF-8
last-modified: Fri, 15 Nov 2024 06:31:33 GMT
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: max-age=31389377, public
pragma: public
x-scss-cache: true
x-trace-id: 2b417c74599ede82cfd5c87cbb2f0011
cf-ray: 8e2d32f2291dda9f-MIA
server: cloudflare

GET
H3 200 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/Santa.svg/ 24 KB
10 KB 260ms
97ms Image
image/svg+xml 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/Santa.svg/1731579940

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2a21198cacf3683a520209450dd9c5ae845d25f3c0a8522cca419ee8ffd57878

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f2bc5267d2-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
server: cloudflare
priority: u=2,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/amazon.svg/ 6 KB
2 KB 261ms
93ms Image
image/svg+xml 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/amazon.svg/1731579940

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

aae4a19e0549a731e1e3c96af1174ac22c0e98eb09b958bb2f6466c85c1f64af

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f2bed67482-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Fri, 06 Sep 2024 09:07:21 GMT
server: cloudflare
priority: u=2,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/placeholder.png/ 73 B
263 B 272ms
104ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/placeholder.png/1731579940

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eacb1a012fc0820bb358ea06380857fd97d62a420932142014ac89bcc4afbbc3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f2bed77482-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 73
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 07:03:52 GMT
server: cloudflare
priority: u=2,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/homepage/partners/x1/meta.png/ 8 KB
8 KB 264ms
103ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/homepage/partners/x1/meta.png/1731579940

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f52bba05a436efae8dee3a601d2bf29c1cf2000f3b74549e793e40a82f919cd0

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f2bc5467d2-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8425
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/png
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 email-decode.min.js Show response
promo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 38ms
38ms Script
application/javascript 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672e2372-4d7"
x-content-type-options: nosniff
cf-ray: 8e2d32f1bda3e9f1-MIA
expires: Sun, 17 Nov 2024 06:31:33 GMT
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 14:42:58 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 rocket-loader.min.js Show response
promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 34ms
33ms Script
application/javascript 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672e2372-302c"
x-content-type-options: nosniff
cf-ray: 8e2d32f1cdb4e9f1-MIA
expires: Sun, 17 Nov 2024 06:31:33 GMT
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 14:42:58 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 106ms
40ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e2d32f2380ca528-MIA
access-control-allow-origin: *
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo.svg
promo.com/images/promoVideos/ 7 KB
3 KB 63ms
63ms Image
image/svg+xml 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/images/promoVideos/logo.svg

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fccde85781ba49073687a647a8b2b79c6f62739859579a3687fa5813a70ba9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 18295655
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f34fd4e9f1-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ic20-globe.svg
ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/20/ 1 KB
791 B 357ms
108ms Image
image/svg+xml 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/20/ic20-globe.svg?ver=1.3
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.148.114 San Francisco, United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: da93ef3cf88314b3688c847052e0ba7050dfdfa7112e6a77378835cd76a7d4c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"36fe75c75e773b4cf03efe9c968c9fae"
age: 1697
expires: Sat, 15 Nov 2025 06:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Apr 2024 19:26:52 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8e2d32f4db2eb3dd-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 ic20-3-stars.svg
ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/20/ 4 KB
2 KB 355ms
106ms Image
image/svg+xml 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/20/ic20-3-stars.svg?ver=1.3
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.148.114 San Francisco, United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fd550b86a6b6905d7aa04486df2d7d7cbb87a33d7309a57544c78794b8b50a55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1ac49385e2db545b169bf96795792475"
age: 1697
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=hCQljEamOpSmVXzH6XBsxbqFHKZB_jS904qPElZoWD4-1731652293-1.0.1.1-Yh1Y.gU831rNMHXHS8WYr589MYkJ0HnIe6hPQ3Cd.dy5ZT4_i_4u3SBmxvO21q3ZKEtRslR.27SZBGa8KeYZDg5PT9dujsHGl_nOBrSW0rJepmRWDn3rDANTnqLRKNQvWzDH95mY3yvS5rBORMOlC8TMFZ666Vv2N9yknq6AxAk"}],"group":"cf-csp-endpoint","max_age":86400}
expires: Sat, 15 Nov 2025 06:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Apr 2024 19:26:51 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=hCQljEamOpSmVXzH6XBsxbqFHKZB_jS904qPElZoWD4-1731652293-1.0.1.1-Yh1Y.gU831rNMHXHS8WYr589MYkJ0HnIe6hPQ3Cd.dy5ZT4_i_4u3SBmxvO21q3ZKEtRslR.27SZBGa8KeYZDg5PT9dujsHGl_nOBrSW0rJepmRWDn3rDANTnqLRKNQvWzDH95mY3yvS5rBORMOlC8TMFZ666Vv2N9yknq6AxAk; report-to cf-csp-endpoint
cf-ray: 8e2d32f4db2fb3dd-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 ic16-play-circle.svg
ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/16/ 904 B
724 B 340ms
91ms Image
image/svg+xml 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ak03-cdn.slidely.com/static/promo-design-system/assets/img/Icons/16/ic16-play-circle.svg?ver=1.3
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.148.114 San Francisco, United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b0758f00b20dbd7bf48163e24fbefaa7b15f6343f21bd053a84d99e51c15171d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6bdabf3f1dbbd9fb4da7399f8fa44fd1"
age: 1697
expires: Sat, 15 Nov 2025 06:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Apr 2024 19:26:51 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8e2d32f4db2cb3dd-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 shape1.svg
promo.com/images/promoVideos/homepage/testimonials/mobile/ 1022 B
755 B 73ms
72ms Image
image/svg+xml 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/images/promoVideos/homepage/testimonials/mobile/shape1.svg

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ff93fc02952e4fbc3d3f99e7ee419846f118d79b238ff57ba0a61502d149f2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 848361
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f35801e9f1-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 shape2.svg
promo.com/images/promoVideos/homepage/testimonials/mobile/ 799 B
673 B 61ms
60ms Image
image/svg+xml 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/images/promoVideos/homepage/testimonials/mobile/shape2.svg

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d46f0a5d6fb44363e2be8299c500bd0a4a484608154ababe14cd4b53d3ca5eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 22595087
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f35802e9f1-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 testimonials-icon.svg
promo.com/images/promoVideos/homepage/testimonials/mobile/ 1 KB
924 B 61ms
60ms Image
image/svg+xml 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/images/promoVideos/homepage/testimonials/mobile/testimonials-icon.svg

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e617567d7f0008eb6f77c522e18424ba510c5085c1b5a8a2a8e859ed3c4c4ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 41153
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f35803e9f1-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Black-Foundry-Wes-FY-Medium.ttf
promo.com/promo-js/fonts/wes-fy/ 87 KB
87 KB 97ms
95ms Font
application/octet-stream 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cf-cache-status: HIT
age: 12702158
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/octet-stream
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3d8aae9f1-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 89028
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Black-Foundry-Wes-FY-Bold.ttf
promo.com/promo-js/fonts/wes-fy/ 81 KB
82 KB 60ms
58ms Font
application/octet-stream 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Bold.ttf

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cf-cache-status: HIT
age: 18293921
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/octet-stream
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3d8ace9f1-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83432
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 icomoon.ttf
promo.com/1731578791190/dist/fonts/public/fonts/all-icons/ 33 KB
33 KB 98ms
96ms Font
application/octet-stream 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/1731578791190/dist/fonts/public/fonts/all-icons/icomoon.ttf?c484f76b54ded5dafc80f90c3ee365f0

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

495a890e80ef117a67c6870361f457abee5301a4c21c45553476b6936992595b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cf-cache-status: HIT
age: 71306
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/octet-stream
last-modified: Thu, 14 Nov 2024 10:08:09 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3d8aee9f1-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33560
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Black-Foundry-Wes-FY-Black.ttf
promo.com/promo-js/fonts/wes-fy/ 81 KB
81 KB 101ms
99ms Font
application/octet-stream 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Black.ttf

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3fdbe845c9b32342539f1e26581d8fe16581455951c9f67b09a474585f8b6e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cf-cache-status: HIT
age: 46192
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/octet-stream
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3d8afe9f1-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83088
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Black-Foundry-Wes-FY-Regular.ttf
promo.com/promo-js/fonts/wes-fy/ 96 KB
96 KB 100ms
98ms Font
application/octet-stream 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Regular.ttf

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

896faeed883c92f039329aacdec4abf6dd60752b10ee18af10262985bba2862b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

cf-cache-status: HIT
age: 4812910
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/octet-stream
last-modified: Thu, 07 Dec 2023 12:06:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3d8b1e9f1-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97864
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 278ms
69ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e1be07eea8a3f7d905ec1e911c8217b8e102806b8988c9fb10fa768b1bc9fcd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"346419af8919bb9d1c945c745fca77ef"
age: 305
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: faXtZW-mBR9aLmk5E0UcnSy_45aifFvnkqp8fM4qiUibifPMPim7Qw==
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 17:39:21 GMT
x-77-nzt-ray: f03d06134ffbd17bc5ea3667fcf3913a
vary: Accept-Encoding
x-77-nzt: EgwBT3/O6QH3lAoAAAwBnJI76AG3DQAAAA
cache-control: max-age=3600, public
via: 1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 2708
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 promoIndex.bundle.js Show response
ak04-promo-cdn.slidely.com/1731579940/dist/seo/ 53 KB
14 KB 69ms
69ms Script
application/javascript 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promoIndex.bundle.js

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

10e304dc3352c0d520a619412c1079c278a3cf1e534ef6944822b9606e065a00

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 71493
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 10:07:32 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3ef9b7482-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 layout.seo.bundle.js Show response
ak01-promo-cdn.slidely.com/1731579940/dist/seo/ 760 KB
164 KB 75ms
74ms Script
application/javascript 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak01-promo-cdn.slidely.com/1731579940/dist/seo/layout.seo.bundle.js

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1e19c7cf6ff5bcab60aaff50e051635f20cfe65387c83200557af10722fc9c9f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 71493
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 10:07:32 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3fd0c67d2-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 promo-common-seo-chunk.js Show response
ak04-promo-cdn.slidely.com/1731579940/dist/seo/ 987 KB
285 KB 94ms
93ms Script
application/javascript 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7d112435eff9b4edeefd2ebf6affa662637d977ec8d441f67f3bfb951f5d335f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 71493
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 10:07:32 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3ff9c7482-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 23 KB
8 KB 255ms
64ms Script
application/x-javascript 52.85.132.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-26.iad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: gzip
etag: "7d4644d89e45fe92623bdd628e60e8dd"
age: 68954
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: VXuHyarHzXJK9x_fxv6MD1dBRO-uGoWPo6ZB0O8qepJ-mENd5ALvKg==
date: Thu, 14 Nov 2024 11:22:20 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 65515d7b1028cd133489fb761d35fa06.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7350
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD50-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 sdk.bundle.js Show response
ak01-promo-cdn.slidely.com/1731579940/dist/ 7 KB
3 KB 66ms
65ms Script
application/javascript 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak01-promo-cdn.slidely.com/1731579940/dist/sdk.bundle.js

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

776f40baf8f985aabf7b409cad45d04ecee1134e4eeddf075575c8a2d22bdf2c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 71537
expires: Sat, 15 Nov 2025 12:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 10:06:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f3fd0e67d2-MIA
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK iterableUtils.js Show response
js.iterable.com/ 920 B
1 KB 300ms
58ms Script
application/x-javascript 108.138.64.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.iterable.com/iterableUtils.js
Requested by: Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-19.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 067bb9957424e5ba224acc6f41404edd86302de3b419dc5e09daeb458a63de99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

ETag: "e169902b96157eeab7ae9ffbce0a8490"
Age: 35969
Connection: keep-alive
Via: 1.1 c1bfc7dbcf7f9782aa3be590b7ce3d6a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 920
X-Amz-Cf-Id: lhs9kPTnr4MDEsyiCWkbXt_f7XifUpjj0-MqhuubpvKSjyQdS0j79Q==
Date: Thu, 14 Nov 2024 20:32:06 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 18 Dec 2015 02:22:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD12-P1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 387 KB
124 KB 256ms
83ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ

Requested by

Host: promo.com
URL: https://promo.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

690d7475f07d251418f8cafb86519103bfa82159742d55b73afee1fdbe9b596b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 06:31:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 126136
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

main.js Show response
promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/ Frame 3BAB
Redirect Chain

https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?

8 KB
4 KB

49ms
48ms

Script
application/javascript

172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

957736737a1a7a3546b8d8eb35144807c9056a06a867a0090d17a6902d8cd7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e2d32f4ea3de9f1-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?
cf-ray: 8e2d32f3f8e2e9f1-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 hotjar-1367711.js Show response
static.hotjar.com/c/ 15 KB
6 KB 330ms
138ms Script
application/javascript 18.160.41.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1367711.js?sv=6

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-112.iad55.r.cloudfront.net

Software

Resource Hash

3aa52c507a4996678bf39c48e86b91e6f03e66940f33c20f770709c77250c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/6adab0a83a4144bbc109c7909aa149dc
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 58d3a6a8551ccf9c7d205fa93b6b9630.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: snsoLm5wtH8xf0mf2AQn0n3ZqgSiWT0GNuLIsXttMI8cjAym4-Dkdw==
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: IAD55-P1

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 127ms
32ms Script
application/javascript 2a04:4e42:600::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "e5ea31abd058f03a816c43871945979e"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1879
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK analytics.js Show response
js.iterable.com/ 2 KB
3 KB 87ms
58ms Script
application/x-javascript 108.138.64.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.iterable.com/analytics.js
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-19.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b07ff9cb3ee66f1f0e4c708320ea5d9d6487d1b15e022416d914e214df163aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

ETag: "92ec746618875057f06112a34d2770a9"
Age: 50317
Connection: keep-alive
Via: 1.1 c1bfc7dbcf7f9782aa3be590b7ce3d6a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 2281
X-Amz-Cf-Id: njCaphOd964hzgz_DQp1CGgHbSoBNmVUCfE30ksNmCjr1XANSLs6SA==
Date: Thu, 14 Nov 2024 16:32:58 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 18 Dec 2015 02:22:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD12-P1

GET
H2 200 deployment.js Show response
lift-ai-js.marketlinc.com/promo.com/ 5 KB
2 KB 257ms
88ms Script
application/javascript 18.160.10.63

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/promo.com/deployment.js?361516724
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.63 , United States, ASN (),
Reverse DNS: server-18-160-10-63.iad12.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash: 88d6ad55118ebcb9135389c19e07694ad6d82a572acbfab24d4768e532372595

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache="set-cookie"
content-encoding: gzip
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 1958
x-amz-cf-id: NPtg07Lju_P9w4yuWoBit4Fysvv_cyyn7jvhSvWQ8pMmodpP4cY0xg==
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
x-amz-cf-pop: IAD12-P3
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips

POST
H3 200 8e2d32efeb2fe9f1 Show response
promo.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3BAB 0
693 B 64ms
58ms XHR
text/plain 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e2d32efeb2fe9f1
Requested by: Host: promo.com
URL: https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.149.202 San Francisco, United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e2d32f65c0ce9f1-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 session Show response
promo.com/data/user/ 136 B
438 B 144ms
143ms XHR
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/data/user/session

Requested by

Host: ak01-promo-cdn.slidely.com
URL: https://ak01-promo-cdn.slidely.com/1731579940/dist/sdk.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

41faf98559d019b50a1c74d296df889554d9f3638a981c7be93aae44e9d90074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: ebb4ff663593c87f18ed051aa46b8a75
cf-ray: 8e2d32f69c51e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 favicon48x48.png
promo.com/favicons/ 624 B
952 B 63ms
62ms Other
image/webp 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/favicons/favicon48x48.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

455560bddccbf75cbe80bf0c62467262bc799b9471358501bd462b5f2c093580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6571b53b-1bd4"
age: 1695
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 10:31:34 GMT
cf-polished: origFmt=png, origSize=7124
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/webp
content-disposition: inline; filename="favicon48x48.webp"
vary: Accept
last-modified: Thu, 07 Dec 2023 12:06:19 GMT
priority: u=1,i
cache-control: public, max-age=14400
cf-ray: 8e2d32f6dc95e9f1-MIA
accept-ranges: bytes
content-length: 624
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main.5aecc8b1.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 32ms
30ms Script
application/javascript 2a04:4e42:600::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "f1f002e8782a3d0f44fde21e97f61203"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23676
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 231ms
63ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bc94ac4cf8c40825ad44690336b1de510a0b5dd6428a5759b0cc5284dcdc7e08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

x-goog-metageneration: 2
content-encoding: gzip
x-goog-hash: crc32c=Awfd4g==, md5=94g9eoI2/luNwM5SGIfwSw==
etag: "f7883d7a8236fe5b8dc0ce521887f04b"
age: 278
x-goog-stored-content-encoding: gzip
expires: Fri, 15 Nov 2024 06:36:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 19120
date: Fri, 15 Nov 2024 06:26:56 GMT
last-modified: Tue, 05 Nov 2024 17:21:22 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6hX4bvj0DxGViKsYin8Jcp_UaZBMTbFKMS12uLrslN67XWeSVh4wot2y9YiX9ygiIWOdejpVTH-g
cache-control: public,max-age=600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730827282841656
content-length: 19120
server: UploadServer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 175ms
111ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

89b91379c34ce472b4ed6561e27c5a520387e28f8e75143120b1fa83e7512924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-md5: RFLiHw9iLw+m+bDZ+FdrVg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "86f02d306e28f6114e479bf41f8ea606"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 06:47:35 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 7632aa5132d351077bf2379e6ad97e4f
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=32740, tp=33, tpl=0, uplat=3, ullat=-1
x-fb-debug: zWgYF5L7aMupVUbPlcUdJJgkypPt9bayeWhMmr2k2BoIwV8WomP6BN+6rLFY5SsZ/xUk2hxAZqDBL9KNYyqwXA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1685
origin-agent-cluster: ?1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 121ms
58ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-LPghx3Sm' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-LPghx3Sm' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4500, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: c0+k/thwu4WVvvRGy2ar6IhID1eFsdNRvlj9m3mwcf7eAhesKKHZDd3nSx69hS+Nz6+r10zzlfCWDwZj2WfNTA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 x.svg
promo.com/1731578791190/dist/svg/public/images/promoVideos/photos/ 928 B
674 B 59ms
59ms Image
image/svg+xml 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/1731578791190/dist/svg/public/images/promoVideos/photos/x.svg?ef5555457187cb1a87898add6e625da4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f9fe3269835ba1d5f608624333f325c24858f6b14384791c1326fba76901adad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 71493
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:31:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 10:08:09 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: sameorigin
cache-control: public, max-age=31557600
cf-ray: 8e2d32f7de35e9f1-MIA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 should-show-cookies-policy-popup Show response
promo.com/promoVideos/data/ 68 B
396 B 132ms
131ms XHR
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promoVideos/data/should-show-cookies-policy-popup

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e73f0ca14a65362bbc794ea2f950e3055bd9e555d540b8124612bed78df093e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: a73e273950c325c32912b1d3cd51352c
cf-ray: 8e2d32f7fe50e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 session Show response
promo.com/data/user/ 136 B
438 B 131ms
130ms XHR
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/data/user/session

Requested by

Host: ak01-promo-cdn.slidely.com
URL: https://ak01-promo-cdn.slidely.com/1731579940/dist/sdk.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

41faf98559d019b50a1c74d296df889554d9f3638a981c7be93aae44e9d90074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: ce09f41ef631ed873d25da4da1217b80
cf-ray: 8e2d32f80e68e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 get-user-limits Show response
promo.com/promoVideos/data/ 42 B
373 B 127ms
126ms XHR
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/promoVideos/data/get-user-limits

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7b287cee71597b5df9c723d516d12805d54104463b10040042a68c59b157d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: 08853917d412ace4121db5a70914e2c8
cf-ray: 8e2d32f80e72e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 201ms
65ms Fetch
text/plain 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-115YEV4FHZ&gtm=45je4bc0v9178168010za200&_p=1731652294007&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1334172061.1731652294&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731652294&sct=1&seg=0&dl=https%3A%2F%2Fpromo.com%2F&dt=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1454
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
549 B 199ms
64ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-115YEV4FHZ&cid=1334172061.1731652294&gtm=45je4bc0v9178168010za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 3074 0
0 198ms
70ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-115YEV4FHZ&gacid=1334172061.1731652294&gtm=45je4bc0v9178168010za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=713171408

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 90ms
88ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854643498&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ca4308e22228da627b295acf6ace2399ff8a66e55aed4413a2c89f13d023f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 06:31:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101249
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
98 KB 75ms
74ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68c7b5ae38e7bd2af842f16ee8d23353e5cdc91dc74da95973b525fe2a161497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 06:31:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99938
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 session Show response
promo.com/data/user/ 136 B
438 B 157ms
124ms Fetch
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/data/user/session

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

41faf98559d019b50a1c74d296df889554d9f3638a981c7be93aae44e9d90074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: 4f79687abe8484d6253e7e1007729d17
cf-ray: 8e2d32f8dfc2e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 thirdparty
promo.com/general/ 42 B
369 B 387ms
386ms Image
image/gif 172.64.149.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.com/general/thirdparty?type=1&e_n=ViewContent&e_id=ViewContent.1731652294505.hJ77ZnJfFOmI&u_a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&s_url=https%3A%2F%2Fpromo.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/gif
priority: u=3,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: b238b063a8e4f25c09c34231a4476685
cf-ray: 8e2d32f8cfb6e9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 238ms
58ms Script
application/javascript 2600:1408:c400:5::17c7:3716
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=34723
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 15 Nov 2024 06:31:34 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 221ms
61ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE3B0563597A41F6B37586202FB689E1 Ref B: MIA301000102031 Ref C: 2024-11-15T06:31:34Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 285ms
68ms Script
application/javascript 199.232.72.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.72.157 Kansas City, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Fri, 15 Nov 2024 06:31:34 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 01:22:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000145-IAD, cache-mci680067-MCI
x-amz-server-side-encryption: AES256

GET
H3

200

main.js Show response
promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/ Frame 3BAB
Redirect Chain

https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?

8 KB
0

1ms
0ms

Script
application/javascript

172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?

Protocol

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

957736737a1a7a3546b8d8eb35144807c9056a06a867a0090d17a6902d8cd7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e2d32f4ea3de9f1-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5cdd008291ae/main.js?
cf-ray: 8e2d32f3f8e2e9f1-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 check-payment-error Show response
promo.com/data/billing/ 2 B
940 B 104ms
103ms XHR
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/data/billing/check-payment-error

Requested by

Host: promo.com
URL: https://promo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_vA5h_jxAu3sNdPTEvg8F8Rrqz1tXxpKWbR3N1sZpBM-1731652294-1.0.1.1-HkACK7VXWWF4Pc4Ju9b208ChoOelqn8mgo4U_YnUxujBY2s.8lusgLHUVEzMX8PwSAl3SAunrnV2wrsNVuDShagXRZ8Vr.12_y.OJ.qnxwRNkKmQJ401gwqPnMU00HpZuTXXjg_44RKsvfeeb7VglQ"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="CAO PSA OUR"
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
priority: u=1,i
x-frame-options: sameorigin
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-trace-id: 00de00445562403e65afe2224f404aa0
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_vA5h_jxAu3sNdPTEvg8F8Rrqz1tXxpKWbR3N1sZpBM-1731652294-1.0.1.1-HkACK7VXWWF4Pc4Ju9b208ChoOelqn8mgo4U_YnUxujBY2s.8lusgLHUVEzMX8PwSAl3SAunrnV2wrsNVuDShagXRZ8Vr.12_y.OJ.qnxwRNkKmQJ401gwqPnMU00HpZuTXXjg_44RKsvfeeb7VglQ; report-to cf-csp-endpoint
cf-ray: 8e2d32f8dfbae9f1-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 van22wlo Show response
widget.intercom.io/widget/ 7 KB
3 KB 241ms
68ms Script
application/javascript 108.138.64.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/van22wlo
Requested by: Host: promo.com
URL: https://promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-83.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df8f5958e5d993f597ce6e745b03147f613c04163391ab9e3c66b8edb73fcc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: gzip
x-amz-version-id: IAcYat5n6R8OouReR2YPPkaYD0AiNgKc
etag: "b3c8e9f305b8cd51c22f6552b3cd2d49"
age: 379
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 7Q28aQNHKdmnJLb7yTnA-26b__Zx4cEkI-VfktK7qLU3_Qj9519G8A==
date: Fri, 15 Nov 2024 06:25:15 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Thu, 14 Nov 2024 10:20:11 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 145bb9cba9e12350510f02ee9ab6ca22.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2667
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 1731579940
ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/thumbs/1.png/ 2 KB
2 KB 89ms
88ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak04-promo-cdn.slidely.com/images/promoVideos/homepage/ai/thumbs/1.png/1731579940

Requested by

Host: ak01-promo-cdn.slidely.com
URL: https://ak01-promo-cdn.slidely.com/1731579940/dist/seo/layout.seo.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

625661b8554c143ea30a9626aa6a3eab934670c7c260b4cefa6521602c0ee67a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f8eb287482-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2301
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 06 Sep 2024 09:07:21 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/intuit.png/ 451 B
642 B 89ms
87ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/intuit.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

18c2dce0edae42c8f2d1275603fe291ea90105218ad58294a7ec5dc4b35ee060

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f8e8d267d2-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 451
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/manpower.png/ 863 B
1 KB 106ms
104ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/manpower.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fd33224a3d5db032244a23a9d5d260d0614ba436e581070c24ecedfb89c72912

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f8e8d667d2-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 863
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/cisco.png/ 602 B
792 B 300ms
102ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/cisco.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6bba7d288cee726bb77e4293d1240266d92e784378e1cb1c5e0e7b991b0f1c9e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32fa1e4ba699-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 602
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak03-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/radware.png/ 742 B
933 B 90ms
88ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak03-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/radware.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

042aaed2e03d5d3229c2d39ff93549256e92f673951c8f44b3349723e61ddb9a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f8ec72da9f-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 742
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/uber.png/ 561 B
752 B 112ms
110ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/uber.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b52fb25eaf37f639e7c2f4f0fd67e4dc61298c7ea326c0204e2e1f5108729a50

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32f8e8d767d2-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 561
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/salesforce.png/ 1016 B
1 KB 300ms
103ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/salesforce.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3457ac64ef50327dd58a41924baea73f640cc7db40bbfbdba48a387f46fda6

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32fa1e4aa699-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1016
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 1731579940
ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/volvo.png/ 463 B
690 B 285ms
88ms Image
image/png 172.64.148.114

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak02-promo-cdn.slidely.com/images/promoVideos/homepage/trusted-by/x1/volvo.png/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2d441b86e292bc36d6c145a233fa0ef1aec4aae9c884a34ca1f8e95cf2e30a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
cf-ray: 8e2d32fa1e49a699-MIA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 463
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 07:04:02 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H2 200 / Show response
ct.pinterest.com/user/ 327 B
740 B 289ms
61ms XHR
application/json 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613017108570&cb=1731652294534&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: e9efca2bb586f7fc70c56075d3936525
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU1XUTJNakZoTkdNdE16VmxaUzAwTXpCbExUZzNNVEV0TWpjNFl6SXdPVE5pTW1Jeg
pinterest-version: fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
access-control-allow-origin: https://promo.com
content-length: 187
akamai-grn: 0.19dfda17.1731652294.4ef317f
x-pinterest-rid: 8126007161837020

GET
H2 200 / Show response
ct.pinterest.com/user/ 327 B
740 B 288ms
61ms XHR
application/json 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=PageVisit&tid=2613017108570&cb=1731652294535&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: ac17cc34acebf0f295f5c63551139d13
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVpHRXlaRGM1TW1VdFl6RmpOeTAwWVRJNExXSTJaakl0WmprNFptVXdZMkZsT0RkbA
pinterest-version: fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
access-control-allow-origin: https://promo.com
content-length: 187
akamai-grn: 0.19dfda17.1731652294.4ef3180
x-pinterest-rid: 1080576081324117

GET
H2 200 snippet.js Show response
lift-ai-js.marketlinc.com/promo.com/ 38 KB
10 KB 95ms
94ms Script
application/javascript 18.160.10.63

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/deployment.js?361516724
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.63 , United States, ASN (),
Reverse DNS: server-18-160-10-63.iad12.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash: ae1cf82617de16d25b1befe19600f6b21b074ab54e68f729fee2e048109d2ef9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache="set-cookie"
content-encoding: gzip
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 9469
x-amz-cf-id: omPJEeMrkO6cFi3pYoIGrfc2mjg-1FKtPaW--kWjNUnJk9nl0FNT4g==
date: Fri, 15 Nov 2024 06:31:33 GMT
content-type: application/javascript
x-amz-cf-pop: IAD12-P3
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 293ms
72ms Script
application/javascript 23.73.207.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/deployment.js?361516724

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-15.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: private, proxy-revalidate, max-age=10800
content-encoding: gzip
etag: "66fb91ae-111d7"
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 09:31:34 GMT
accept-ranges: bytes
content-length: 18830
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 01 Oct 2024 06:07:42 GMT

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 243ms
66ms Script
application/javascript 3.167.56.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1367711.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-55.iad61.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 922296
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: DsXe672YcGp_A-Q9Il9sdOCLOC84kT5vuoESsswRy3DKmMxsmWPNxg==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 32a86417f344d7ce72f29ebf299d3192.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: IAD61-P5

GET
H2 200 widget_app_base_1731605784396.js Show response
cdn.userway.org/widgetapp/2024-11-14-17-36-24/ 129 KB
40 KB 253ms
125ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca1737927d406907783b80e5e90b1e5c9203853171bdd036c12467fb6fdd615a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"6d4b93c52ab86c5e3bcfaee695e910f3"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: AD7SpWvm_dWDr07YWklPUTGjz-3bWgkkDmi3nxQJbAXWHLAZz7ixGg==
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 17:39:07 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c6ea36675b12822a
x-77-nzt: EgwBT3/O6QH3VLMAAAwBnJI73wG3DQAAAA
cache-control: max-age=25920000, public
via: 1.1 441f91af2fc013470161b54d14d10a44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H3 204 rum Show response
promo.com/cdn-cgi/ 0
136 B 45ms
44ms XHR
text/plain 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://promo.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e2d32f90807e9f1-MIA
access-control-allow-origin: https://promo.com
date: Fri, 15 Nov 2024 06:31:34 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 206 1731579940
ak01-promo-cdn.slidely.com/images/promoVideos/homepage/ai/videos/1.mp4/ 307 KB
307 KB 111ms
111ms Media
video/mp4 172.64.148.114

General

Check archive.org

Show headers Download Go to

Full URL

https://ak01-promo-cdn.slidely.com/images/promoVideos/homepage/ai/videos/1.mp4/1731579940

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.114 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8a685a18ce72be14284da2746c84aa6c7c3a12e393df6667975b826998f144

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://promo.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=31557600, public
cf-cache-status: DYNAMIC
Content-Range: bytes 0-313986/313987
cf-ray: 8e2d32f918fc67d2-MIA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
Content-Length: 313987
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: video/mp4
last-modified: Thu, 28 Mar 2024 07:03:52 GMT
server: cloudflare
priority: u=3,i
x-frame-options: sameorigin

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 248 KB
73 KB 61ms
60ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fac72a1b3f1ea01e3a22e739c8a3973e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

97dc4d7c6b0222cbf2d21652438ab5efa1307878c4d722baa1c817c7d341afe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

content-md5: hPyIXm1QNjClUcNyaQdbkQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "70cb745986846fd6aa173e9356b6e6d4"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 06:19:17 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 618b0783fd6fb5847bcaf5affeed9e76
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: AsMbJCuUp6K+kWlxZq8vREkgJKdQimoUZoIXuLNuWPm+yexkLo4eiAxFR7PScHg9j55gSVOcj9MS5Zw8jN5Iqw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75118
origin-agent-cluster: ?1

GET
H3 200 712371922135655 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 135ms
133ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/712371922135655?v=2.9.177&r=stable&domain=promo.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

2fa3e5574b9641fa0dbf618bb529cec3f1e231f7625f2dcdcf33e7be4860ea6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Cf69mGT3' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Cf69mGT3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=78, mss=1232, tbw=72580, tp=69, tpl=0, uplat=78, ullat=0
pragma: public
x-fb-debug: gAjCIPTDF8caRzVHmjQQn4aq67AO/XIptxr6RfjC/DdlW+vKP8YXTfLDf+qXvn5Dwj2FhhZmhxwPXqysLgnfkA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
559 B 228ms
59ms Fetch
image/gif 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2613017108570&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpromo.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1731652294592

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

x-pinterest-rid-128bit: c5b735a44198d5e6b6d87a16df8aa2a5
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
access-control-allow-origin: https://promo.com
content-length: 35
akamai-grn: 0.19dfda17.1731652294.4ef3179
x-pinterest-rid: 1317541494853066

POST
H3 200 8e2d32efeb2fe9f1 Show response
promo.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3BAB 0
690 B 54ms
47ms XHR
text/plain 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e2d32efeb2fe9f1
Requested by: Host: promo.com
URL: https://promo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.149.202 San Francisco, United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e2d32fa49dfe9f1-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST
H3 200 collect
www.google.com/ccm/ 0
0 179ms
67ms Ping
text/plain 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpromo.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2018700539.1731652295&auid=2057158053.1731652295&npa=0&gtm=45be4bc0v9174843462za200zb9178168010&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&tft=1731652294792&tfd=1792&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854658101/ 5 KB
2 KB 185ms
73ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854658101/?random=1731652294785&cv=11&fst=1731652294785&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

597ff1d4582c1b71dc6fcb85248d2e75a98fa123eb1568d5b84abcecb45d5502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2369
date: Fri, 15 Nov 2024 06:31:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 854658101
td.doubleclick.net/td/rul/ Frame 97F0 0
0 75ms
74ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/854658101?random=1731652294785&cv=11&fst=1731652294785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 854658101
google.com/ccm/form-data/ 0
20 B 171ms
62ms Ping
text/plain 172.253.115.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/854658101?gtm=45be4bc0pfv9174843462za200zb9178168010&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&npa=0&frm=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854658101/ 5 KB
2 KB 153ms
79ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854658101/?random=1731652294838&cv=11&fst=1731652294838&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e9045b6ad404e904a3791d0a260c3a59a5ca6cf192571dd89061ef039a56892f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2407
date: Fri, 15 Nov 2024 06:31:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 854658101
td.doubleclick.net/td/rul/ Frame E423 0
0 75ms
74ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/854658101?random=1731652294838&cv=11&fst=1731652294838&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854643498/ 5 KB
2 KB 110ms
75ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854643498/?random=1731652294867&cv=11&fst=1731652294867&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854643498&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

caefbd45cb44bb2dbe3a1a87cd1221d08343502a0a7cdada719b3d5a9743a79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2367
date: Fri, 15 Nov 2024 06:31:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 854643498
td.doubleclick.net/td/rul/ Frame 6E3E 0
0 73ms
72ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/854643498?random=1731652294867&cv=11&fst=1731652294867&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854643498&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854643498/ 5 KB
2 KB 88ms
87ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854643498/?random=1731652294915&cv=11&fst=1731652294915&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854643498&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

6e4a214ed145a4c024392be953013d95b2b0a5aa6acc6dfded8914f8170db1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2406
date: Fri, 15 Nov 2024 06:31:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 854643498
td.doubleclick.net/td/rul/ Frame 3F37 0
0 72ms
71ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/854643498?random=1731652294915&cv=11&fst=1731652294915&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854643498&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 550C 0
0 165ms
56ms Document
text/html 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854658101&l=dataLayer&cx=c&gtm=45je4bc0v9178168010za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 06:31:35 GMT
expires: Sat, 15 Nov 2025 06:31:35 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 57ms
56ms Script
application/javascript 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "16d5d552603d86726ae439fc61299d42"
x-cdn: akamai
content-length: 2114
date: Fri, 15 Nov 2024 06:31:34 GMT
akamai-grn: 0.19dfda17.1731652294.4ef33bc
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 8BA5 0
0 229ms
65ms Document
text/html 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://promo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.19dfda17.1731652295.4ef360a
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 06:31:35 GMT
pinterest-version: fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1226251944158110
x-pinterest-rid-128bit: d1a071d793468dc4aa2d387666c35cf1

POST
H2 200 visitor-scoring Show response
visitor-scoring-new.marketlinc.com/ 185 B
362 B 112ms
110ms XHR
application/json 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/visitor-scoring
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 2a46e3976ecbde85ff8192b7d8fe05d52cb79b6aaf20487f8bb1cafaaf23a24c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://promo.com/

Response headers

expires: -1
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

OPTIONS
H2 200 visitor-scoring
visitor-scoring-new.marketlinc.com/ Frame 0
0 280ms
56ms Preflight 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/visitor-scoring
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 115ms
55ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=712371922135655&ev=PageView&dl=https%3A%2F%2Fpromo.com%2F&rl=&if=false&ts=1731652294990&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731652294988.721016502616889176&ler=empty&cdl=API_unavailable&it=1731652294586&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4600, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 212ms
152ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=712371922135655&ev=PageView&dl=https%3A%2F%2Fpromo.com%2F&rl=&if=false&ts=1731652294990&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731652294988.721016502616889176&ler=empty&cdl=API_unavailable&it=1731652294586&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437389976090291580"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x998a53077a7068af","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1036078446413755"]},"debug_reporting":true,"debug_key":"2539993282598122903"}
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: MAH8rFvfB2EaOKIpCECPdsNkaU9Xon3ppt9LPAjjjeuAkfVdbVwuJol5jE7Z7fMtC94+nxFSI/Y/uc+WM6IRkA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437389976090291580", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=24, mss=1232, tbw=6728, tp=19, tpl=0, uplat=95, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 116ms
57ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=712371922135655&ev=ViewContent&dl=https%3A%2F%2Fpromo.com%2F&rl=&if=false&ts=1731652294992&cd[pageType]=home&cd[pagePlatform]=desktop&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731652294988.721016502616889176&ler=empty&cdl=API_unavailable&it=1731652294586&coo=false&eid=ViewContent.1731652294505.hJ77ZnJfFOmI&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4920, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 223ms
163ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=712371922135655&ev=ViewContent&dl=https%3A%2F%2Fpromo.com%2F&rl=&if=false&ts=1731652294992&cd[pageType]=home&cd[pagePlatform]=desktop&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731652294988.721016502616889176&ler=empty&cdl=API_unavailable&it=1731652294586&coo=false&eid=ViewContent.1731652294505.hJ77ZnJfFOmI&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437389976833737316"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd3a715b0542c2d5f","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1686610141410322","1199096646775333"]},"debug_reporting":true,"debug_key":"1590622919335143839"}
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: otAuAJaOHAS2ENla5KbXNhFT/nwsGfU6xOsskRmw6FTQrNBG0+Mw87PxyhlLPyWNva+wejWkjLY+MKlBYL7VmA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437389976833737316", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=24, mss=1232, tbw=9272, tp=22, tpl=0, uplat=108, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 5708154.js Show response
bat.bing.com/p/action/ 363 B
422 B 57ms
56ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5708154.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A369412482DE41B8823C206D58E94854 Ref B: MIA301000102031 Ref C: 2024-11-15T06:31:35Z
x-cache: CONFIG_NOCACHE
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 154ms
81ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=650500&time=1731652295010&url=https%3A%2F%2Fpromo.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://promo.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000626edb7ecdb041725fa8b976f3914
x-msedge-ref: Ref A: 291E79E50CE84856A1C6E6A15C542F3F Ref B: MIA301000108031 Ref C: 2024-11-15T06:31:35Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYm7bfs2wQXJfqLl285FA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 15 Nov 2024 06:31:34 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D650500%26time%3D1731652295010%26li_adsId%3D600bbd35-4474-497f-9518-48fe172dd9a9%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKlfA...

0
486 B

312ms
129ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKlfAIvpxi8VQAAAZMuhRr4CWiPhOs5NhXQf8wgR_VTRjewRaCkhp1V8G4jd7Ex7E1vHA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9454F9A3822547B889965C991A02866E Ref B: MIAEDGE2906 Ref C: 2024-11-15T06:31:35Z
x-li-fabric: prod-lva1
x-li-uuid: AAYm7bf3glycwlnPdhB6Iw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=650500&time=1731652295010&li_adsId=600bbd35-4474-497f-9518-48fe172dd9a9&url=https%3A%2F%2Fpromo.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKlfAIvpxi8VQAAAZMuhRr4CWiPhOs5NhXQf8wgR_VTRjewRaCkhp1V8G4jd7Ex7E1vHA
x-msedge-ref: Ref A: FEFC6F484FC643CB950E0B83AA848B10 Ref B: MIAEDGE2513 Ref C: 2024-11-15T06:31:35Z
x-li-fabric: prod-lva1
x-li-uuid: AAYm7bfxPsPPV41HyvXC1g==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT

GET
H2 200 frame-modern.83414ee1.js Show response
js.intercomcdn.com/ Frame B86E 471 KB
142 KB 369ms
204ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.83414ee1.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/van22wlo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-129.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

74071d3b27c8bdf5a7c28226840b38486d7b1fab69c7e23b5d0f47ea5c89d5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "e036ae356352299d17dad2babfb17329"
x-amz-version-id: Rg0_Tdjt4Z3rSiQ65_5CADzmNz88S._j
age: 681
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NN1eevzQ5eAkOqTSOiZsteI4PMBgiq_MkrZumwpb7pGu0GpGi-phmw==
date: Fri, 15 Nov 2024 06:20:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 14 Nov 2024 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 144931
x-amz-cf-pop: IAD55-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.5c288613.js Show response
js.intercomcdn.com/ Frame B86E 456 KB
145 KB 231ms
66ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.5c288613.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/van22wlo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-129.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: TdJ78taByRGLSCfMKUtmlYofH9QGb_Mi
etag: "cfcbe890471af67f5140f9f36766a673"
age: 2702
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3X8dcD4P59FzZiJXg1_p_3vVQUwGu_zEmFZdu_MCcwtKgpN4JZWVMw==
date: Fri, 15 Nov 2024 05:46:34 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Thu, 14 Nov 2024 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147369
x-amz-cf-pop: IAD55-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 adsct
t.co/i/ 43 B
626 B 162ms
62ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=866b0911-5046-48f2-8bd9-0ae83e934258&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9a6e2b11-bb79-435b-bbf2-2f0943a94499&tw_document_href=https%3A%2F%2Fpromo.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o50rq&type=javascript&version=2.3.31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: c9781faedec8491a
cache-control: no-cache, no-store, max-age=0
x-connection-hash: b406bbf9b8a7c55925ca71395ffa92c16a60d033f0f6622caf1e86fb019d02cb
cf-cache-status: DYNAMIC
cf-ray: 8e2d32fca9bda540-MIA
x-response-time: 6
content-length: 43
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 254ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=866b0911-5046-48f2-8bd9-0ae83e934258&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9a6e2b11-bb79-435b-bbf2-2f0943a94499&tw_document_href=https%3A%2F%2Fpromo.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o50rq&type=javascript&version=2.3.31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 080a8530a963b0d2
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c3749b1237fc6f468f1befbba5a4280cf917fb0c420f6ddce29f329efb8792db
x-response-time: 68
content-length: 43
date: Fri, 15 Nov 2024 06:31:34 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
65 B 62ms
62ms Fetch
image/gif 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&tid=2613017108570&cb=1731652295035&dep=5%2CEVENT_TAGS_ABSENT&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpromo.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

x-pinterest-rid-128bit: 52f5649912e6a5e3a925fbb480963da9
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
quic-version: 0x00000001
pinterest-version: fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
access-control-allow-origin: https://promo.com
content-length: 35
akamai-grn: 0.08dfda17.1731652295.4246ff9
x-pinterest-rid: 1218842471921813

POST
H2 200 zFP2NX1OXE Show response
api.userway.org/api/tunings/ 2 KB
2 KB 385ms
115ms XHR
application/json 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/zFP2NX1OXE
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4 Boardman, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 6236f0de4c0336d2efe7f1a90f752548541eddb6f5e340fa375cf71a57394b19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr7a0fe3e906324f7
etag: W/"7c5-205Pn/Ve8wX3IpKQ+el8FwxxMbw"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1989
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H2 200 / Show response
c.6sc.co/ 7 B
188 B 145ms
56ms XHR
text/html 23.73.207.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.207.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-73-207-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://promo.com
content-length: 7
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/html
access-control-allow-headers: *

GET
H2 200 / Show response
ipv6.6sc.co/ 18 B
302 B 289ms
73ms XHR
text/html 2600:1408:c400:1d::17d4:fa58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:1d::17d4:fa58 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fcf9a126ebf0e817036c5c3007142edffdb749ca3d3575d693857e5474299e65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: max-age=0, no-cache, no-store
pragma: no-cache
6si-ipv6: 2001:550:1d05:1::5
expires: Fri, 15 Nov 2024 06:31:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731652295278_400321093_111854571_30_972_54_74_219";dur=1
access-control-allow-origin: https://promo.com
content-length: 18
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/html
vary: Origin

GET
H3 200 external Show response
promo.com/services/auth/v1/ 728 B
584 B 94ms
94ms Fetch
application/json 172.64.149.202

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.com/services/auth/v1/external?redirect_url=undefined&state=undefined&csrfToken=4bul8l9oqehsv58s9ba5gn8li5

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promo-common-seo-chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.149.202 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b324ba64e25efc1a07bd001ad486d37361a0d193e9e9e159599054341b9991c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e2d32fc6cffe9f1-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 77ms
77ms Fetch
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=255083304564274&input_token&origin=1&redirect_uri=https%3A%2F%2Fpromo.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fac72a1b3f1ea01e3a22e739c8a3973e

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-expose-headers: fb-s
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437389976038066876"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/plain; charset=UTF-8
x-fb-debug: 7o7qjm4lHnwVu1rQut0+uhDvb3O26WdgqUHoMtx3E6uD5EdTS18G29wISj2Tk9oSOIRa9wvAC5UszLR0c01eLQ==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437389976038066876", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control: private, no-cache, no-store, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=24, mss=1232, tbw=5128, tp=17, tpl=0, uplat=21, ullat=0
pragma: no-cache
fb-s: unknown
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://promo.com
content-length: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.google.com/pagead/1p-user-list/854658101/ 42 B
64 B 70ms
67ms Image
image/gif 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854658101/?random=1731652294785&cv=11&fst=1731650400000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dNW3aSVG7KoMNGMXw5ZhudI6mkVSUOQ4P8vkwKTusiSWKtG3T&random=1976399682&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/854643498/ 42 B
64 B 73ms
70ms Image
image/gif 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854643498/?random=1731652294867&cv=11&fst=1731650400000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d5viXB2dKWI2eD68cp1PnNFMHAAUmugyaO0DNvQRBdZ2-O5i0&random=3863645657&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/854658101/ 42 B
64 B 75ms
73ms Image
image/gif 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854658101/?random=1731652294838&cv=11&fst=1731650400000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174843462za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dP5sdx8FZsK_C7o3lP7uFjFSbYHM-GpT74pyCzs6rmfkbcDBV&random=2325531242&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/854643498/ 42 B
64 B 71ms
70ms Image
image/gif 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854643498/?random=1731652294915&cv=11&fst=1731650400000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9174747982za200zb9178168010&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&npa=0&pscdl=noapi&auid=2057158053.1731652295&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dhomepage%20viewed%3Bnon_interaction%3Dtrue%3Bevent_category%3Ddefault%3Bevent_lable%3Dhomepage%20viewed&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dwyrAkuEk7f5K5TA09biqccmKcMUlQEeVIfKtaGFooLYW64SB&random=2575340051&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 0
bat.bing.com/action/ 0
361 B 57ms
57ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5708154&Ver=2&mid=dd63c431-cbe2-4f7c-8e40-e3af68fbe87c&bo=1&sid=42c36ca0a31b11efa680654d3016307f&vid=42c36940a31b11efb5b7619010e3ea6a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast,%20Simple,%20Free&p=https%3A%2F%2Fpromo.com%2F&r=&lt=1012&evt=pageLoad&sv=1&cdb=AQAQ&rn=866824

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D792383FF6F4A5D96566F97EB8C2901 Ref B: MIA301000102031 Ref C: 2024-11-15T06:31:35Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 15 Nov 2024 06:31:35 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 226 KB
86 KB 188ms
74ms Script
application/javascript 2607:f8b0:4004:c17::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: ak04-promo-cdn.slidely.com
URL: https://ak04-promo-cdn.slidely.com/1731579940/dist/seo/promoIndex.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4bae9a80b23a0992dff0acedbdfa76541ee19564893a2a60d6c1b1e2147599b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-8fwUsV5vn-Pk4gXdx_JhOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-8fwUsV5vn-Pk4gXdx_JhOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 06:31:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 details Show response
eps.6sc.co/v3/company/ 752 B
654 B 168ms
82ms XHR
application/json 99.83.231.3

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.231.3 , United States, ASN (),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash: 55096bdb72819db90b109af46d94fce8e71551e9c7a8464a6dcf930f60bb7f39

Request headers

Authorization: Token c12adc307bb7aca31aeb5017c9d7c843c454c983
X-6s-CustomID: LegacyWebTag
Referer: https://promo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-6si-Region
timing-allow-origin: https://6sense.com
content-encoding: gzip
x-6si-region
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
content-length: 400
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json
vary: Origin, Accept-Encoding

OPTIONS
H2 200 details
eps.6sc.co/v3/company/ Frame 0
0 178ms
57ms Preflight 99.83.231.3

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.231.3 , United States, ASN (),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://promo.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
timing-allow-origin: https://6sense.com
x-6si-region

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-11-14-17-36-24/locales/ 607 B
946 B 62ms
61ms XHR
application/json 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 304
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: nBXzPjRmgkKZJYeehdRwBJdwN5CDaiOJ2TgnzLoLDAzOppdfFVlDdQ==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json
last-modified: Thu, 14 Nov 2024 17:39:06 GMT
x-77-nzt-ray: f03d061381d9ac87c7ea3667f018a81b
vary: Accept-Encoding
x-77-nzt: EgwBT3/O6QH3VLMAAAwBnJI74gG3DQAAAA
cache-control: max-age=25920000, public
via: 1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H2 200 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame B86E 240 B
892 B 234ms
89ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.83414ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

993fa0a7ee51369e157a3c05bfffa93eef911e5c21ed970ab33300561ea0df56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 001rp3avealsdrnj3kl0
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"993fa0a7ee51369e157a3c05bfffa93e"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.028104
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
x-xss-protection: 1; mode=block
x-intercom-version: b52d8b74570e97657966bba2b795c11abf5bd33c
x-ami-version: ami-0d82ec08b45e6923b
server: nginx

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame B86E 5 KB
3 KB 459ms
316ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.83414ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

51a9a804438165265a0045e1aceaeed7fd9551f7bf0870cfa289de5c6e955adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 001qrkf380aglp3ugk90
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"51a9a804438165265a0045e1aceaeed7"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.240670
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
x-xss-protection: 1; mode=block
x-intercom-version: b52d8b74570e97657966bba2b795c11abf5bd33c
x-ami-version: ami-0d82ec08b45e6923b
server: nginx

OPTIONS
H2 200 tracking-event
visitor-scoring-new.marketlinc.com/ Frame 0
0 56ms
56ms Preflight 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

POST
H2 200 tracking-event Show response
visitor-scoring-new.marketlinc.com/ 0
186 B 72ms
71ms XHR
text/plain 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/tracking-event
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://promo.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: -1
access-control-allow-origin: *
content-length: 0
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/plain; charset=UTF-8
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4004:c17::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UWRvrHR6bvyFhTanjad9Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-UWRvrHR6bvyFhTanjad9Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 06:31:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 15 Nov 2024 06:31:35 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
190 B 80ms
78ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B0E6D6BE25904A89AEBB7D9FF194A6B7 Ref B: MIAEDGE2513 Ref C: 2024-11-15T06:31:35Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYm7bf5gMp+kU3UrtdusA==
x-li-proto: http/2
access-control-allow-origin: https://promo.com
x-cache: CONFIG_NOCACHE
date: Fri, 15 Nov 2024 06:31:35 GMT
vary: Origin

GET
H2 200 remediation_1731605784396.js Show response
cdn.userway.org/widgetapp/2024-11-14-17-36-24/remediation/ 79 KB
23 KB 127ms
126ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/remediation/remediation_1731605784396.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb872e528d79cd0d23622cbb65d62a0f317ab65b1b73effcfa8736f962e7ef1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"65e0a02bc678829a60883efe71a66a27"
age: 300
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 8Yx3wxd-4-UuFUNuI1f3eF0TGV5oCwKXrDCWVkrdj4hL7eXH-M0oJA==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 17:39:07 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c7ea3667a72ab539
x-77-nzt: EgwBT3/O6QH3VLMAAAwBnJI76AG3DQAAAA
cache-control: max-age=25920000, public
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 AoKQIKJwP8L4NZIZ.json Show response
cdn.userway.org/remediations/consolidated/3524903/ 2 MB
263 KB 79ms
79ms XHR
application/json 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3524903/AoKQIKJwP8L4NZIZ.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0ac62d1b91dc31021b37ca0386619f9230275c08d09d6d5e22ccc19703e611bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f9e80a2c0f772e179c4cc20b52fa0285"
age: 23
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: aD-XvLKs59jBYJHdHvCYKJ_zCF_RcbZx-0hnTCGoTG8y8suU3GhsKQ==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json
last-modified: Tue, 29 Oct 2024 17:01:20 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c7ea36674a5caa39
x-77-nzt: EgwBT3/O6QH3AKQAAAwBnJI73wG30w4AAA
cache-control: public, max-age=31536000
via: 1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 41984
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-14-17-36-24/ 30 KB
5 KB 69ms
68ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: y3fpCSThER4s57mBINwv3bTUaxJ0Esq-Wef_Sd33LpiIOXExtPwxSw==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 17:38:26 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d06134ffbd17bc7ea36677d52bb39
x-77-nzt: EgwBT3/O6QH3VLMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=864000, public
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-14-17-36-24/ Frame 3BAB 30 KB
0 69ms
69ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: y3fpCSThER4s57mBINwv3bTUaxJ0Esq-Wef_Sd33LpiIOXExtPwxSw==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 17:38:26 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d06134ffbd17bc7ea36677d52bb39
x-77-nzt: EgwBT3/O6QH3VLMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=864000, public
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-14-17-36-24/ Frame 812B 30 KB
0 69ms
69ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: y3fpCSThER4s57mBINwv3bTUaxJ0Esq-Wef_Sd33LpiIOXExtPwxSw==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 17:38:26 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d06134ffbd17bc7ea36677d52bb39
x-77-nzt: EgwBT3/O6QH3VLMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=864000, public
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-14-17-36-24/ Frame B86E 30 KB
0 70ms
70ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: y3fpCSThER4s57mBINwv3bTUaxJ0Esq-Wef_Sd33LpiIOXExtPwxSw==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 17:38:26 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d06134ffbd17bc7ea36677d52bb39
x-77-nzt: EgwBT3/O6QH3VLMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=864000, public
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-14-17-36-24/ Frame 2BC9 30 KB
0 71ms
71ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-14-17-36-24/widget_base.css?v=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 303
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: y3fpCSThER4s57mBINwv3bTUaxJ0Esq-Wef_Sd33LpiIOXExtPwxSw==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 17:38:26 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d06134ffbd17bc7ea36677d52bb39
x-77-nzt: EgwBT3/O6QH3VLMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=864000, public
via: 1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45908
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 69ms
68ms Image
image/svg+xml 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: GkOdkJM5cq5uLDGheSbxYYkqdOHWdY3b6NO-5xFV7u4VqEbndtmd2Q==
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: image/svg+xml
x-77-nzt-ray: f03d06134ffbd17bc8ea36671d5d7803
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 17:39:08 GMT
x-77-nzt: EgwBT3/O6QH3VrMAAAwBnJI73wG3DQAAAA
cache-control: max-age=25920000, public
via: 1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45910
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 69ms
68ms Image
image/svg+xml 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: wKdjNHoI4xHPQY0W7TG2df-nsXl2s_pdmnyut41OvrhsTWljXcXQnA==
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: image/svg+xml
x-77-nzt-ray: f03d06134ffbd17bc8ea366720417d03
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 17:39:09 GMT
x-77-nzt: EgwBT3/O6QH3VrMAAAwBuTvfFAG3DQAAAA
cache-control: max-age=25920000, public
via: 1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45910
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame B86E 5 KB
3 KB 269ms
267ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.83414ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

30f1dc0750fb40a4ad3667a6ea8b9c50817a4a954abe78683a9a03018a370274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 001rp3disdvstuh3ubk0
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"30f1dc0750fb40a4ad3667a6ea8b9c50"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.207440
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
x-xss-protection: 1; mode=block
x-intercom-version: b52d8b74570e97657966bba2b795c11abf5bd33c
x-ami-version: ami-0d82ec08b45e6923b
server: nginx

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame B86E 4 B
728 B 208ms
207ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.83414ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 001rrjg0hfos247vq9jg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"e10808d43975dc400731053386849f86"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.123043
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
x-xss-protection: 1; mode=block
x-intercom-version: b52d8b74570e97657966bba2b795c11abf5bd33c
x-ami-version: ami-0d82ec08b45e6923b
server: nginx

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-11-14-17-36-24/paid/ 72 KB
26 KB 64ms
64ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-11-14-17-36-24/paid/remediation-tool.js?ts=1731605784396
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 122b304c7702c1ddbd8537c129070ba90e5e4a9328774403da2b1d7de8afed9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"20fbcd3262f52a4f35d8cb55d5f7a4b8"
age: 301
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: BlRJ0W5TFztOr6_AtOK6DLEPRsGOMvmfNO5tpaljoJ7ahHSITwNhUg==
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 17:39:18 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c8ea3667a26ec90d
x-77-nzt: EgwBT3/O6QH3VbMAAAwBnJI74gG3DAAAAA
cache-control: max-age=25920000, public
via: 1.1 441f91af2fc013470161b54d14d10a44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45909
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 AoKQIKJwP8L4NZIZ.json Show response
cdn.userway.org/remediations/consolidated/3524903/ 2 MB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3524903/AoKQIKJwP8L4NZIZ.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-14-17-36-24/paid/remediation-tool.js?ts=1731605784396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0ac62d1b91dc31021b37ca0386619f9230275c08d09d6d5e22ccc19703e611bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f9e80a2c0f772e179c4cc20b52fa0285"
age: 23
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: aD-XvLKs59jBYJHdHvCYKJ_zCF_RcbZx-0hnTCGoTG8y8suU3GhsKQ==
date: Fri, 15 Nov 2024 06:31:35 GMT
content-type: application/json
last-modified: Tue, 29 Oct 2024 17:01:20 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c7ea36674a5caa39
x-77-nzt: EgwBT3/O6QH3AKQAAAwBnJI73wG30w4AAA
cache-control: public, max-age=31536000
via: 1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 41984
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 3524903 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 115ms
114ms Fetch
application/json 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/3524903
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-14-17-36-24/paid/remediation-tool.js?ts=1731605784396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4 Boardman, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 3524903 Show response
api.userway.org/api/br-links/v0/links/ 300 B
668 B 115ms
115ms Fetch
application/json 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/3524903
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-14-17-36-24/paid/remediation-tool.js?ts=1731605784396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4 Boardman, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 12a92bedef8080db0fec90a0a244ddfed91436d020b0b766814695f5d7ed7308

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
etag: W/"12c-RG57+ItojGgomu3UqUDjLiZyIBM"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 300
date: Fri, 15 Nov 2024 06:31:36 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 nav_menu_helper_1731605784396.js Show response
cdn.userway.org/widgetapp/2024-11-14-17-36-24/remediation/ 23 KB
7 KB 63ms
63ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/remediation/nav_menu_helper_1731605784396.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://promo.com
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
age: 250
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: aHSAo8a2fTMOL6se2hexJt7hJnQw-XgTYrYYX0vL1PUoXDWLGuwwfA==
date: Fri, 15 Nov 2024 06:31:37 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 17:39:07 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061381d9ac87c9ea366754d1da0d
x-77-nzt: EgwBT3/O6QH3VbMAAAwBnJI74gG3PwAAAA
cache-control: max-age=25920000, public
via: 1.1 eb7da8ca0dd07aa429ce47312003e292.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 45909
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/zFP2NX1OXE/3524903/2tzlrKg5OEPMF2z2/ 2 KB
854 B 63ms
63ms Fetch
application/json 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/zFP2NX1OXE/3524903/2tzlrKg5OEPMF2z2/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fpartners%2Fx1%2Fmeta.png%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fmanpower.png%2F1731579940%22%2C%22alt%22%3A%22manpower%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2FSanta.svg%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak02-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fcisco.png%2F1731579940%22%2C%22alt%22%3A%22cisco%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak02-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fsalesforce.png%2F1731579940%22%2C%22alt%22%3A%22salesforce%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak04-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fai%2Famazon.svg%2F1731579940%22%2C%22alt%22%3A%22Amazon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak04-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fai%2Fplaceholder.png%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fpromo.com%2F%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-14-17-36-24/paid/remediation-tool.js?ts=1731605784396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5ecd007de9b45beb67e87a4d5859c82c90c1bf1dfbe869f4b6ffaf9083bcc623

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"84c-gptqjeDALVP6tczjo6xLwidW4k4"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Fri, 15 Nov 2024 06:31:38 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: f03d061348fce4bccaea366730c0620e
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EgwBT3/O6QH3YJIAAAwBnJI74gG3TIQAAA
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 37472
x-service-version: img-dscr-srv-a1be253c
server: CDN77-Turbo

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/zFP2NX1OXE/3524903/2tzlrKg5OEPMF2z2/ Frame 0
0 355ms
140ms Preflight 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/zFP2NX1OXE/3524903/2tzlrKg5OEPMF2z2/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fpartners%2Fx1%2Fmeta.png%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fmanpower.png%2F1731579940%22%2C%22alt%22%3A%22manpower%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak01-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2FSanta.svg%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak02-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fcisco.png%2F1731579940%22%2C%22alt%22%3A%22cisco%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak02-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Ftrusted-by%2Fx1%2Fsalesforce.png%2F1731579940%22%2C%22alt%22%3A%22salesforce%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak04-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fai%2Famazon.svg%2F1731579940%22%2C%22alt%22%3A%22Amazon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fak04-promo-cdn.slidely.com%2Fimages%2FpromoVideos%2Fhomepage%2Fai%2Fplaceholder.png%2F1731579940%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fpromo.com%2F%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 15 Nov 2024 06:31:38 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBT3/O6QAACAGckjviAAA
x-77-nzt-ray: f03d061348fce4bccaea3667e33dfa05
x-77-pop: newyorkUSNY
x-service-version: img-dscr-srv-a1be253c

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame B86E 5 KB
3 KB 252ms
251ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.83414ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e6211956b7bda83e2b287790cc9da487897f64d5196af474b6f6e049bb3ba29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 001qmpsngc0kgr94h460
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"e6211956b7bda83e2b287790cc9da487"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Fri, 15 Nov 2024 06:31:38 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.192280
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://promo.com
x-xss-protection: 1; mode=block
x-intercom-version: b52d8b74570e97657966bba2b795c11abf5bd33c
x-ami-version: ami-0d82ec08b45e6923b
server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 65ms
65ms Fetch
text/plain 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-115YEV4FHZ&gtm=45je4bc0v9178168010za200&_p=1731652294007&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1334172061.1731652294&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1731652294&sct=1&seg=0&dl=https%3A%2F%2Fpromo.com%2F&dt=Promo%20AI%20Video%20Maker%20by%20Promo.com%20-%20Fast%2C%20Simple%2C%20Free&en=homepage%20viewed&_ee=1&ep.non_interaction=true&ep.event_category=default&ep.event_lable=homepage%20viewed&_et=35&tfd=6505
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:31:39 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
368 B 193ms
102ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1731652299598

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN (),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://promo.com/

Response headers

strict-transport-security: max-age=604800; includeSubDomains
access-control-max-age: 1728000
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 35
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https://promo.com
alt-svc: clear
content-length: 25
date: Fri, 15 Nov 2024 06:31:39 GMT
content-type: application/json
server: envoy
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fpromo.com%2F/DESKTOP/WIDGET_ON/ 77 B
454 B 119ms
118ms Fetch
application/json 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fpromo.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-14-17-36-24/widget_app_base_1731605784396.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4 Boardman, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promo.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Fri, 15 Nov 2024 06:31:41 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-eb3c4543
vary: Accept-Encoding
access-control-allow-headers: *

POST
H2 200 time-on-page Show response
visitor-scoring-new.marketlinc.com/ 184 B
363 B 87ms
86ms XHR
application/json 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/time-on-page?recalculate=true&pageViewComplete=false
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 66788062709670729b7273529a030fb6447eac1d54b0a1f5980962a6616af41b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://promo.com/

Response headers

expires: -1
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
date: Fri, 15 Nov 2024 06:31:45 GMT
content-type: application/json
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

OPTIONS
H2 200 time-on-page
visitor-scoring-new.marketlinc.com/ Frame 0
0 57ms
56ms Preflight 3.219.104.53

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/time-on-page?recalculate=true&pageViewComplete=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.104.53 Ashburn, United States, ASN (),
Reverse DNS: ec2-3-219-104-53.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Fri, 15 Nov 2024 06:31:45 GMT
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
promo.com/	1970-01-21 01:10:58	Name: EZSESSID Value: 4bul8l9oqehsv58s9ba5gn8li5
promo.com/	1970-01-21 01:44:04	Name: urn Value: 18
promo.com/	1970-01-21 01:44:04	Name: tid Value: 200220240
.promo.com/	1970-01-21 01:00:54	Name: __cf_bm Value: MHXic3SuRVV91tZvO23q0CYAxM_0z6Dvsedvrb9h7ZU-1731652293-1.0.1.1-ypUYGbzrFZ5xWBH2agYR9hLpJ1T8rmCphsyZGof.q31lFaq3Zt5yonrC_C8U7bdKz95tZ64f0EQQc72AnX5VQA
promo.com/	1969-12-31 23:59:59	Name: ezRI Value: %7B%22source%22%3A%22organicdirect%22%7D
.promo.com/	1970-01-21 10:36:52	Name: _ga Value: GA1.1.1334172061.1731652294
.promo.com/	1970-01-21 10:36:52	Name: _ga_115YEV4FHZ Value: GS1.1.1731652294.1.0.1731652294.60.0.0
.promo.com/	1969-12-31 23:59:59	Name: vs_intent Value: LowIntent
.promo.com/	1970-01-21 09:46:28	Name: mp_e7d2894fb113ce2e99d62bcfd0f0a3f0_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1932e8517cc643-09086b3df66f39-17462c6e-1d4c00-1932e8517cc644%22%2C%22%24device_id%22%3A%20%221932e8517cc643-09086b3df66f39-17462c6e-1d4c00-1932e8517cc644%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.promo.com/	1970-01-21 03:10:28	Name: _gcl_au Value: 1.1.2057158053.1731652295
.promo.com/	1970-01-21 09:46:28	Name: cf_clearance Value: tLwOj9n9YT5mUOkCXDeAgODOqGt8OLgGXZ4BteQ8GGI-1731652294-1.2.1.1-9FWVr0.3lW0kLYabYEoisCmlTNGsf5C4psoyTdTTg6ONqzukhpV4XLRkmaX3knvPU88Bsv2ev.xREYnD4RXLShxRHEZMmS8grg5LxDk_Msi4HlGMtgREn0Q2citVbx6XPh8PLt9gbKDw9uPDwKSYR4qAar4AN.VCeRxXXZ7NGlKtlIerJSIBLcGAHLFrD2w0RvhsCAc2oPheman42VmJA02uaoKrEUt0hXQG0J9LGBS11Thv6cfgbdM0qhFRxnC07wzaptZ1h2Hl9a2YtOpayFavYvViLezD0HKI0VkZk08FPDZghpugdzalBpEk4W6ntdyAQrUgIZPiz1hjnv78Xikimu9iwK0plgSoCoh.7UxC8_s29TZUb71AKZUEgX.J
.pinterest.com/	1970-01-21 09:46:28	Name: ar_debug Value: 1
.promo.com/	1970-01-21 09:46:28	Name: _pin_unauth Value: dWlkPU1XUTJNakZoTkdNdE16VmxaUzAwTXpCbExUZzNNVEV0TWpjNFl6SXdPVE5pTW1Jeg
.promo.com/	1970-01-21 03:10:28	Name: _fbp Value: fb.1.1731652294988.721016502616889176
.doubleclick.net/	1970-01-21 10:36:52	Name: IDE Value: AHWqTUlLozQzksB7z7mzg1eUY9atzEmCt3IXmmtMyNaah5D5vDN0iVhzQX7wET0z
.promo.com/	1970-01-21 09:46:28	Name: _hjSessionUser_1367711 Value: eyJpZCI6IjRjYjVmZjc4LTRlYzItNTc5ZS1hZTI1LTQ0ZjRmNWVlZDU5MiIsImNyZWF0ZWQiOjE3MzE2NTIyOTUwNzksImV4aXN0aW5nIjp0cnVlfQ==
.promo.com/	1970-01-21 01:00:54	Name: _hjSession_1367711 Value: eyJpZCI6IjBiODE5ZGMyLTA3NjYtNDM2Mi05ZGY2LTFlM2MwNzYzYTU4MSIsImMiOjE3MzE2NTIyOTUwODAsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.ct.pinterest.com/	1970-01-21 09:46:28	Name: _pinterest_ct_ua Value: "TWc9PSZzODlWZ2loaTIxQm9QUDBXUnEvQVJSeS9VbE1najYwRk1iVkxocHhCV0RhYzlkYUt0OFNJUWtYKzdiZnVTT0NyNVZFWmtuWkRrQ2M1K204UW9JaXlFNGxTbnEvUjIzOG5XTTFXdHhTWmR4RT0mTnpINEljMGo3T2psa3RIM09US0tjMHZxV3hRPQ=="
.promo.com/	1970-01-21 01:02:18	Name: _uetsid Value: 42c36ca0a31b11efa680654d3016307f
.promo.com/	1970-01-21 10:22:28	Name: _uetvid Value: 42c36940a31b11efb5b7619010e3ea6a
promo.com/	1970-01-21 01:00:55	Name: PromoAuthCSRF Value: 0950ef9a-751b-42b9-b5e9-788d5c1cd4a7
.bing.com/	1970-01-21 10:22:28	Name: MUID Value: 02011A95F7506CA036370FADF64A6D78
.bat.bing.com/	1970-01-21 01:10:57	Name: MR Value: 0
.t.co/	1970-01-21 10:36:52	Name: muc_ads Value: d39972b7-90c8-47d6-acab-d52bc9055a76
.t.co/	1970-01-21 01:00:54	Name: __cf_bm Value: xdyNDjNvNdRoXi6AS3xn47PafabxtxMlSeKzk.Ah4hU-1731652295-1.0.1.1-c31ZZRkm9Dpe1Wud7OkbRzDQ3kjg7C1B5SomltzBerdVLRuVLAvw.HlxpE4iqTOqukawQegE.g6CfnS.OqNgZw
.linkedin.com/	1970-01-21 03:10:28	Name: li_sugr Value: 40630a59-7858-42cd-a0eb-1af29734d093
.linkedin.com/	1970-01-21 09:46:28	Name: bcookie Value: "v=2&19e1b026-4ba1-4932-813c-4100153edf14"
.linkedin.com/	1970-01-21 01:02:18	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=3043:u=1:x=1:i=1731652295:t=1731738695:v=2:sig=AQEOSaRMXaBFCnIN5bBLoQitQ6phhvK_"
.linkedin.com/	1970-01-21 01:44:04	Name: UserMatchHistory Value: AQLAw36BbQjXMwAAAZMuhRpXCfrvE5YQ4rU4czQb0gF6V_P0PKHR_aWNmnzmAuXaIjPnuVPnunzesA
.linkedin.com/	1970-01-21 01:44:04	Name: AnalyticsSyncHistory Value: AQI4DAKRb5wNnwAAAZMuhRpXc6qS4WhlV7Bgk2S3zFRwJZFPaq-9xdTSWejnyErvKpmKRUvXk5qyj_2gV3iOig
.twitter.com/	1970-01-21 10:36:52	Name: personalization_id Value: "v1_XwC5D231n5jLa5WZbrLrPg=="
.promo.com/	1970-01-21 10:36:52	Name: vs_vid Value: OXpaEy5DOs1
.promo.com/	1969-12-31 23:59:59	Name: vs_vfs Value: 1
.promo.com/	1969-12-31 23:59:59	Name: vs_sid Value: 63MLbRp2nSAv
.promo.com/	1969-12-31 23:59:59	Name: vs_conv_ai Value: 20-24
.promo.com/	1969-12-31 23:59:59	Name: vs_lift_ai Value: 85-89
.www.linkedin.com/	1970-01-21 09:46:28	Name: bscookie Value: "v=1&20241115063135acb4cfa7-563d-4ee0-84d0-8b66dfc1b31cAQEdKJ1uLA1G5TFCpgb93YyNZEukO6V5"
.promo.com/	1970-01-21 07:29:42	Name: intercom-id-van22wlo Value: 75b8e21f-db46-4aac-9633-83595a9346d9
.promo.com/	1970-01-21 01:10:57	Name: intercom-session-van22wlo Value:
.promo.com/	1970-01-21 07:29:42	Name: intercom-device-id-van22wlo Value: 30813e96-395e-47a0-8db5-09ec4cd6b209

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://promo.com/ Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ak01-promo-cdn.slidely.com
ak02-promo-cdn.slidely.com
ak03-cdn.slidely.com
ak03-promo-cdn.slidely.com
ak04-promo-cdn.slidely.com
analytics.google.com
analytics.twitter.com
api-iam.intercom.io
api-js.mixpanel.com
api.userway.org
bat.bing.com
c.6sc.co
cdn.mxpnl.com
cdn.userway.org
cdn77.api.userway.org
connect.facebook.net
ct.pinterest.com
eps.6sc.co
google.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.intercomcdn.com
js.iterable.com
lift-ai-js.marketlinc.com
promo.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
visitor-scoring-new.marketlinc.com
widget.intercom.io
widget.trustpilot.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
104.244.42.67
107.178.240.159
108.138.64.19
108.138.64.83
13.107.42.14
142.251.163.155
172.253.115.100
172.253.115.103
172.253.63.154
172.64.148.114
172.64.149.202
172.66.0.227
18.154.227.129
18.160.10.63
18.160.41.112
199.232.72.157
23.220.128.196
23.73.207.15
2600:1408:c400:1d::17d4:fa58
2600:1408:c400:5::17c7:3716
2600:1901:0:498c::
2600:1f14:5db:eb00:c1d:4dc4:9e05:ecb4
2606:4700::6810:4f49
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c17::54
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::71
2620:1ec:21::14
2620:1ec:33::10
2a02:6ea0:c400::54
2a04:4e42:600::84
3.167.56.55
3.219.104.53
31.13.66.19
31.13.66.35
44.209.155.11
52.85.132.26
99.83.231.3
042aaed2e03d5d3229c2d39ff93549256e92f673951c8f44b3349723e61ddb9a
067bb9957424e5ba224acc6f41404edd86302de3b419dc5e09daeb458a63de99
0ac62d1b91dc31021b37ca0386619f9230275c08d09d6d5e22ccc19703e611bb
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2
0ca4308e22228da627b295acf6ace2399ff8a66e55aed4413a2c89f13d023f31
10e304dc3352c0d520a619412c1079c278a3cf1e534ef6944822b9606e065a00
122b304c7702c1ddbd8537c129070ba90e5e4a9328774403da2b1d7de8afed9f
12a92bedef8080db0fec90a0a244ddfed91436d020b0b766814695f5d7ed7308
18c2dce0edae42c8f2d1275603fe291ea90105218ad58294a7ec5dc4b35ee060
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07
1b07ff9cb3ee66f1f0e4c708320ea5d9d6487d1b15e022416d914e214df163aa
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e19c7cf6ff5bcab60aaff50e051635f20cfe65387c83200557af10722fc9c9f
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a21198cacf3683a520209450dd9c5ae845d25f3c0a8522cca419ee8ffd57878
2a46e3976ecbde85ff8192b7d8fe05d52cb79b6aaf20487f8bb1cafaaf23a24c
2fa3e5574b9641fa0dbf618bb529cec3f1e231f7625f2dcdcf33e7be4860ea6d
30f1dc0750fb40a4ad3667a6ea8b9c50817a4a954abe78683a9a03018a370274
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3aa52c507a4996678bf39c48e86b91e6f03e66940f33c20f770709c77250c233
3fdbe845c9b32342539f1e26581d8fe16581455951c9f67b09a474585f8b6e30
41faf98559d019b50a1c74d296df889554d9f3638a981c7be93aae44e9d90074
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887
455560bddccbf75cbe80bf0c62467262bc799b9471358501bd462b5f2c093580
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
495a890e80ef117a67c6870361f457abee5301a4c21c45553476b6936992595b
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51a9a804438165265a0045e1aceaeed7fd9551f7bf0870cfa289de5c6e955adf
55096bdb72819db90b109af46d94fce8e71551e9c7a8464a6dcf930f60bb7f39
5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780
56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d
56e8d7a778678aeb0d4650bdc4d894afd8531dac4fac354aa7d40e0238af8a74
597ff1d4582c1b71dc6fcb85248d2e75a98fa123eb1568d5b84abcecb45d5502
5ecd007de9b45beb67e87a4d5859c82c90c1bf1dfbe869f4b6ffaf9083bcc623
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457
6236f0de4c0336d2efe7f1a90f752548541eddb6f5e340fa375cf71a57394b19
625661b8554c143ea30a9626aa6a3eab934670c7c260b4cefa6521602c0ee67a
66788062709670729b7273529a030fb6447eac1d54b0a1f5980962a6616af41b
68c7b5ae38e7bd2af842f16ee8d23353e5cdc91dc74da95973b525fe2a161497
690d7475f07d251418f8cafb86519103bfa82159742d55b73afee1fdbe9b596b
6b8a685a18ce72be14284da2746c84aa6c7c3a12e393df6667975b826998f144
6bba7d288cee726bb77e4293d1240266d92e784378e1cb1c5e0e7b991b0f1c9e
6d3457ac64ef50327dd58a41924baea73f640cc7db40bbfbdba48a387f46fda6
6df8f5958e5d993f597ce6e745b03147f613c04163391ab9e3c66b8edb73fcc7
6e4a214ed145a4c024392be953013d95b2b0a5aa6acc6dfded8914f8170db1a8
74071d3b27c8bdf5a7c28226840b38486d7b1fab69c7e23b5d0f47ea5c89d5c3
776f40baf8f985aabf7b409cad45d04ecee1134e4eeddf075575c8a2d22bdf2c
7d112435eff9b4edeefd2ebf6affa662637d977ec8d441f67f3bfb951f5d335f
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186
88d6ad55118ebcb9135389c19e07694ad6d82a572acbfab24d4768e532372595
896faeed883c92f039329aacdec4abf6dd60752b10ee18af10262985bba2862b
89b91379c34ce472b4ed6561e27c5a520387e28f8e75143120b1fa83e7512924
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
957736737a1a7a3546b8d8eb35144807c9056a06a867a0090d17a6902d8cd7a1
97dc4d7c6b0222cbf2d21652438ab5efa1307878c4d722baa1c817c7d341afe8
993fa0a7ee51369e157a3c05bfffa93eef911e5c21ed970ab33300561ea0df56
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aae4a19e0549a731e1e3c96af1174ac22c0e98eb09b958bb2f6466c85c1f64af
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
ae1cf82617de16d25b1befe19600f6b21b074ab54e68f729fee2e048109d2ef9
b0758f00b20dbd7bf48163e24fbefaa7b15f6343f21bd053a84d99e51c15171d
b324ba64e25efc1a07bd001ad486d37361a0d193e9e9e159599054341b9991c3
b4bae9a80b23a0992dff0acedbdfa76541ee19564893a2a60d6c1b1e2147599b
b52fb25eaf37f639e7c2f4f0fd67e4dc61298c7ea326c0204e2e1f5108729a50
b5d7b287cee71597b5df9c723d516d12805d54104463b10040042a68c59b157d
bb2d441b86e292bc36d6c145a233fa0ef1aec4aae9c884a34ca1f8e95cf2e30a
bc94ac4cf8c40825ad44690336b1de510a0b5dd6428a5759b0cc5284dcdc7e08
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
ca1737927d406907783b80e5e90b1e5c9203853171bdd036c12467fb6fdd615a
caefbd45cb44bb2dbe3a1a87cd1221d08343502a0a7cdada719b3d5a9743a79c
cb872e528d79cd0d23622cbb65d62a0f317ab65b1b73effcfa8736f962e7ef1c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d46f0a5d6fb44363e2be8299c500bd0a4a484608154ababe14cd4b53d3ca5eb6
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
da93ef3cf88314b3688c847052e0ba7050dfdfa7112e6a77378835cd76a7d4c1
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e1be07eea8a3f7d905ec1e911c8217b8e102806b8988c9fb10fa768b1bc9fcd0
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e617567d7f0008eb6f77c522e18424ba510c5085c1b5a8a2a8e859ed3c4c4ca4
e6211956b7bda83e2b287790cc9da487897f64d5196af474b6f6e049bb3ba29e
e73f0ca14a65362bbc794ea2f950e3055bd9e555d540b8124612bed78df093e4
e7cb981ef275981b663756d5edc3daa8fb670593df052ca520a9ddb3e0b9ed2c
e9045b6ad404e904a3791d0a260c3a59a5ca6cf192571dd89061ef039a56892f
eacb1a012fc0820bb358ea06380857fd97d62a420932142014ac89bcc4afbbc3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f52bba05a436efae8dee3a601d2bf29c1cf2000f3b74549e793e40a82f919cd0
f9fe3269835ba1d5f608624333f325c24858f6b14384791c1326fba76901adad
fccde85781ba49073687a647a8b2b79c6f62739859579a3687fa5813a70ba9e7
fcf9a126ebf0e817036c5c3007142edffdb749ca3d3575d693857e5474299e65
fd33224a3d5db032244a23a9d5d260d0614ba436e581070c24ecedfb89c72912
fd550b86a6b6905d7aa04486df2d7d7cbb87a33d7309a57544c78794b8b50a55
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff93fc02952e4fbc3d3f99e7ee419846f118d79b238ff57ba0a61502d149f2ca

promo.com Open in urlscan Pro 172.64.149.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

98 %HTTPS

36 %IPv6

26 Domains

45 Subdomains

39 IPs

1 Countries

2806 kBTransfer

10627 kBSize

40 Cookies

17 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.com Open in urlscan Pro
172.64.149.202 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

98 %
HTTPS

36 %
IPv6

26
Domains

45
Subdomains

39
IPs

1
Countries

2806 kB
Transfer

10627 kB
Size

40
Cookies

149 HTTP transactions
0 data transactions