wearepromo.net Open in urlscan Pro
91.199.78.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://wearepromo.net/
Submission: On February 29 via api (February 29th 2024, 11:40:43 am UTC) from BE — Scanned from GB

Summary HTTP 17 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 91.199.78.231, located in United Kingdom and belongs to A4N Network Services, GB. The main domain is wearepromo.net.

This is the only time wearepromo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.199.78.231 91.199.78.231	44574 (A4N Netwo...) (A4N Network Services)
11	2600:9000:223... 2600:9000:223c:a200:a:7956:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	95.215.174.141 95.215.174.141	44574 (A4N Netwo...) (A4N Network Services)
3	95.215.174.140 95.215.174.140	44574 (A4N Netwo...) (A4N Network Services)
17	4

1 91.199.78.231 (United Kingdom)

ASN44574 (A4N Network Services, GB)
PTR: vip-holding.xilo.net

wearepromo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223c:a200:a:7956:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.xilo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.215.174.141 (United Kingdom)

ASN44574 (A4N Network Services, GB)
PTR: stat.custserv.net

stat.xilo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.215.174.140 (United Kingdom)

ASN44574 (A4N Network Services, GB)
PTR: stats.custserv.net

stats.xilo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	xilo.net cdn.xilo.net stat.xilo.net stats.xilo.net	273 KB
1	wearepromo.net wearepromo.net	4 KB
17	2

	Domain	Requested by
11	cdn.xilo.net	wearepromo.net cdn.xilo.net stats.xilo.net
3	stats.xilo.net	wearepromo.net stats.xilo.net
2	stat.xilo.net	wearepromo.net stat.xilo.net
1	wearepromo.net
17	4

This site contains links to these domains. Also see Links.

Domain
www.xilo.net
my.xilo.net

Subject Issuer	Validity	Valid
cdn.xilo.net Amazon RSA 2048 M02	`2023-09-08` - `2024-10-05`	a year	crt.sh
stat.coconut.net R3	`2023-12-16` - `2024-03-15`	3 months	crt.sh
stats.coconut.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://wearepromo.net/
Frame ID: 5F70901828458A1FEE565A3190F21DC8
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holding Page - wearepromo.net

Page Statistics

17
Requests

94 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

278 kB
Transfer

1777 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xilo.net/?utm_source=wearepromo.net&utm_medium=web&utm_campaign=holding
Title: xilo

Search URL Search Domain Scan URL

URL: https://my.xilo.net/?utm_source=wearepromo.net&utm_medium=web&utm_campaign=holding
Title: login to my.xilo

Search URL Search Domain Scan URL

URL: https://www.xilo.net/shared_web_hosting/?utm_source=wearepromo.net&utm_medium=web&utm_campaign=holding
Title: Hosting

Search URL Search Domain Scan URL

URL: https://www.xilo.net/dedicated_servers/?utm_source=wearepromo.net&utm_medium=web&utm_campaign=holding
Title: Servers

Search URL Search Domain Scan URL

URL: https://www.xilo.net/domain_names/?utm_source=wearepromo.net&utm_medium=web&utm_campaign=holding
Title: Domain Names

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wearepromo.net/ 5 KB
4 KB 619ms
550ms Document
text/html 91.199.78.231
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL

http://wearepromo.net/

Protocol

HTTP/1.1

Server

91.199.78.231 , United Kingdom, ASN44574 (A4N Network Services, GB),

Reverse DNS

vip-holding.xilo.net

Software

Webserver /

Resource Hash

e356dfc84595fe09edde725c1606ed13189b4b35be71b0bfa535a70377448200

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://.xilo.net; img-src 'self' blob: data: https://.xilo.net; media-src 'self' data: https://.xilo.net; frame-src ; font-src ; form-action 'self' https://.xilo.net; connect-src 'self' https://.xilo.net; prefetch-src 'self' https://.xilo.net; manifest-src 'self' https://.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Security-Policy	default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://.xilo.net; img-src 'self' blob: data: https://.xilo.net; media-src 'self' data: https://.xilo.net; frame-src ; font-src ; form-action 'self' https://.xilo.net; connect-src 'self' https://.xilo.net; prefetch-src 'self' https://.xilo.net; manifest-src 'self' https://.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://*.xilo.net; img-src 'self' blob: data: https://*.xilo.net; media-src 'self' data: https://*.xilo.net; frame-src *; font-src *; form-action 'self' https://*.xilo.net; connect-src 'self' https://*.xilo.net; prefetch-src 'self' https://*.xilo.net; manifest-src 'self' https://*.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp; report-to="default"
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="default"
Cross-Origin-Resource-Policy: same-site
Date: Thu, 29 Feb 2024 11:40:37 GMT
Expect-CT: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
Server: Webserver
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Status: BYPASS
X-Content-Security-Policy: default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://*.xilo.net; img-src 'self' blob: data: https://*.xilo.net; media-src 'self' data: https://*.xilo.net; frame-src *; font-src *; form-action 'self' https://*.xilo.net; connect-src 'self' https://*.xilo.net; prefetch-src 'self' https://*.xilo.net; manifest-src 'self' https://*.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Page-Speed: PS
X-Via: lb01
X-WebKit-CSP: default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://*.xilo.net; img-src 'self' blob: data: https://*.xilo.net; media-src 'self' data: https://*.xilo.net; frame-src *; font-src *; form-action 'self' https://*.xilo.net; connect-src 'self' https://*.xilo.net; prefetch-src 'self' https://*.xilo.net; manifest-src 'self' https://*.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-XSS-Protection: 1; mode=block

GET
H2 200 main.m.css
cdn.xilo.net/xv3/css/ 718 KB
68 KB 244ms
66ms Stylesheet
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/main.m.css

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

6f6e7cf8b78e6f8320ae40d5800551d77b8120a0b9b88c65cc8780a86dd2c5c9

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 07:33:04 GMT
x-original-content-length: 738091
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: STALE
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 274053
cross-origin-resource-policy: cross-origin
content-length: 68131
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Webserver
etag: W/"PSA-aj-tVBFsauLnn"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=602084, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: MG1j7olFeFICJVFmFTXOH0JuWV1WAP8_jWJ_1YGua0dV8xRWXsuZHQ==
expires: Mon, 04 Mar 2024 06:47:49 GMT

GET
H2 200 animate.m.css
cdn.xilo.net/xv3/css/ 60 KB
5 KB 233ms
56ms Stylesheet
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/animate.m.css

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

c56c1b88de91b214568b7bb434bd528dc458b5efa864a8b229173f5388f2066e

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 04:06:26 GMT
x-original-content-length: 61274
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: STALE
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 286451
cross-origin-resource-policy: cross-origin
content-length: 4028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Webserver
etag: W/"PSA-aj-FD6EFYlTC8"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=599191, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: Ttdj6WOd7QIrlm0r8_CE0SwKmLbJ4kdyV2Ha9j9X_iGjMPcyiLteKA==
expires: Mon, 04 Mar 2024 02:32:58 GMT

GET
H2 200 slick.m.css
cdn.xilo.net/xv3/css/ 1 KB
2 KB 307ms
130ms Stylesheet
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/slick.m.css

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 05:46:04 GMT
x-original-content-length: 1329
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: MISS
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 349919
cross-origin-resource-policy: cross-origin
content-length: 487
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Feb 2020 16:01:37 GMT
server: Webserver
etag: W/"5e4ffee1-531"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: giu5D6mPewxzC46wEieY_43T11KPc7B6u4_LOWfrgI1kMF_qbOCRbw==
expires: Mon, 26 Feb 2024 05:46:04 GMT

GET
H2 200 fitty.min.js Show response
cdn.xilo.net/xv3/js/ 4 KB
3 KB 232ms
55ms Script
application/javascript 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/js/fitty.min.js

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

81076ec47d61ce34dc82f348c7b33edc81abd325380ea3b6431182ab16b26100

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Sun, 25 Feb 2024 18:46:44 GMT
x-original-content-length: 3854
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: STALE
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 320033
cross-origin-resource-policy: cross-origin
content-length: 1504
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Webserver
etag: W/"PSA-aj-xuu7rqpKbD"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=350512, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: QRSqzxHE6IIGSP-7BXtl8iUv5pTt3tn9ddZyIOqIE_MM4MoqpGVT6w==
expires: Sun, 25 Feb 2024 12:01:45 GMT

GET
H2 200 script.js Show response
stat.xilo.net/js/ 1 KB
1 KB 471ms
49ms Script
application/javascript 95.215.174.141
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.xilo.net/js/script.js

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.215.174.141 , United Kingdom, ASN44574 (A4N Network Services, GB),

Reverse DNS

stat.custserv.net

Software

nginx /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:40:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2, 443:npn-spdy/3,443:npn-spdy/2

GET
H2 200 xilo-logo.svg
cdn.xilo.net/xv3/images/ 5 KB
3 KB 171ms
167ms Image
image/svg+xml 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.xilo.net/xv3/images/xilo-logo.svg

Requested by

Host: cdn.xilo.net
URL: https://cdn.xilo.net/xv3/css/main.m.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

076f188d6707d832f4f2a9b974cd000c9ca480d4b32b361823e883fe2fa605be

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.xilo.net/xv3/css/main.m.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 11:40:37 GMT
content-encoding: br
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache-status: HIT
x-cache: RefreshHit from cloudfront
x-via: lb01
cross-origin-resource-policy: cross-origin
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 22 Feb 2020 01:28:46 GMT
server: Webserver
etag: W/"5e5083ce-144f"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public, s-maxage=10
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: 4unEHkoAg9WBquBM5rCOlfTMSGEIbrAbb0ueO-i2dWuLDS9tg8U__Q==
expires: Thu, 07 Mar 2024 11:40:37 GMT

GET
H2 200 BrandonText-Regular.woff2
cdn.xilo.net/xv3/fonts/ 24 KB
25 KB 268ms
160ms Font
application/octet-stream 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/fonts/BrandonText-Regular.woff2

Requested by

Host: cdn.xilo.net
URL: https://cdn.xilo.net/xv3/css/main.m.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

4dfb99872b53d5095e167e40092c1fa40fa263986c7cd6d9823de699863be86e

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.xilo.net/xv3/css/main.m.css
Origin: http://wearepromo.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 11:40:37 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache-status: HIT
x-cache: RefreshHit from cloudfront
x-via: lb01
cross-origin-resource-policy: cross-origin
content-length: 24460
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Dec 2019 05:05:51 GMT
server: Webserver
etag: "5e05912f-5f8c"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800, public, s-maxage=10
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
accept-ranges: bytes
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: PymsSp2c8cIr-ASMZpAqJRxRynR4SRBF24yQ99JISir2dSIYfoHapw==
expires: Thu, 07 Mar 2024 11:40:37 GMT

GET
H2 200 BrandonText-Black.woff2
cdn.xilo.net/xv3/fonts/ 24 KB
25 KB 282ms
175ms Font
application/octet-stream 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/fonts/BrandonText-Black.woff2

Requested by

Host: cdn.xilo.net
URL: https://cdn.xilo.net/xv3/css/main.m.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

d9107df6b6a2af8e68c66f8f304ddb3037ed68a0f955df86224359ab05708540

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.xilo.net/xv3/css/main.m.css
Origin: http://wearepromo.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 11:40:37 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache-status: HIT
x-cache: RefreshHit from cloudfront
x-via: lb01
cross-origin-resource-policy: cross-origin
content-length: 24844
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Dec 2019 05:05:50 GMT
server: Webserver
etag: "5e05912e-610c"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800, public, s-maxage=10
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
accept-ranges: bytes
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: P35QW3bJ5XAUxIdIFjkmRioXnHDfGUsDRbFgRM7nDvD8ZxdkTWnpRQ==
expires: Thu, 07 Mar 2024 11:40:37 GMT

GET
H2 200 BrandonText-Medium.woff2
cdn.xilo.net/xv3/fonts/ 25 KB
26 KB 221ms
113ms Font
application/octet-stream 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/fonts/BrandonText-Medium.woff2

Requested by

Host: cdn.xilo.net
URL: https://cdn.xilo.net/xv3/css/main.m.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

f06b8111929406c5f4e774baa7422f19bc22ee90790975b785898a08012ed0b0

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.xilo.net/xv3/css/main.m.css
Origin: http://wearepromo.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 11:40:37 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache-status: HIT
x-cache: RefreshHit from cloudfront
x-via: lb01
cross-origin-resource-policy: cross-origin
content-length: 25396
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Dec 2019 05:05:51 GMT
server: Webserver
etag: "5e05912f-6334"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800, public, s-maxage=10
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
accept-ranges: bytes
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: mA8huBPRz_4pemiLA3KxsC-rPSlTtYVNnrgBp9ofbFtlEzDRVLW4iQ==
expires: Thu, 07 Mar 2024 11:40:37 GMT

GET
H2 200 m.js Show response
stats.xilo.net/ 132 KB
40 KB 460ms
44ms Script
application/javascript 95.215.174.140
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.xilo.net/m.js

Requested by

Host: wearepromo.net
URL: http://wearepromo.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.215.174.140 , United Kingdom, ASN44574 (A4N Network Services, GB),

Reverse DNS

stats.custserv.net

Software

nginx /

Resource Hash

55400b5d269a14668058d4f1895bb63ef34df261359e0eb545f4c646c9f48de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:40:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 11:24:26 GMT
server: nginx
content-encoding: gzip
etag: W/"65c216ea-20f4a"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2
expires: Sat, 30 Mar 2024 11:40:38 GMT

POST
H2 202 event Show response
stat.xilo.net/api/ 2 B
219 B 641ms
248ms XHR
text/plain 95.215.174.141
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.xilo.net/api/event
Requested by: Host: stat.xilo.net
URL: https://stat.xilo.net/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.215.174.141 , United Kingdom, ASN44574 (A4N Network Services, GB),
Reverse DNS: stat.custserv.net
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://wearepromo.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Feb 2024 11:40:38 GMT
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 2
x-request-id: F7hSkE1v_bzTRfMBiW0h

POST
H2 204 m.php
stats.xilo.net/ 0
340 B 478ms
477ms Ping
text/plain 95.215.174.140
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.xilo.net/m.php?send_image=0&action_name=Holding%20Page%20-%20wearepromo.net&idsite=glojqojDke&rec=1&r=560337&h=11&m=40&s=38&url=http%3A%2F%2Fwearepromo.net%2F&_id=2353fd5f3b1579d4&_idn=1&&_refts=0&pv_id=bx3YDA&pf_net=70&pf_srv=550&pf_tfr=1&pf_dm1=330&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: stats.xilo.net
URL: https://stats.xilo.net/m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.215.174.140 , United Kingdom, ASN44574 (A4N Network Services, GB),

Reverse DNS

stats.custserv.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://wearepromo.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Thu, 29 Feb 2024 11:40:38 GMT
content-encoding: none
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: http://wearepromo.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2

GET
H2 200 configs.php Show response
stats.xilo.net/plugins/HSR/ 125 B
431 B 126ms
125ms Script
application/javascript 95.215.174.140
A4N Network Services

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.xilo.net/plugins/HSR/configs.php?idsite=glojqojDke&trackerid=cIgu3k&url=http%3A%2F%2Fwearepromo.net%2F

Requested by

Host: stats.xilo.net
URL: https://stats.xilo.net/m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.215.174.140 , United Kingdom, ASN44574 (A4N Network Services, GB),

Reverse DNS

stats.custserv.net

Software

nginx /

Resource Hash

a8ca4b921b91f51fdf3f27954aa258c246e239d21b506a3b08458414ed8aa18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:40:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cross-origin-resource-policy: cross-origin
alternate-protocol: 443:npn-spdy/3,443:npn-spdy/2

GET
H2 200 main.m.css Show response
cdn.xilo.net/xv3/css/ 718 KB
68 KB 59ms
59ms XHR
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/main.m.css

Requested by

Host: stats.xilo.net
URL: https://stats.xilo.net/m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

6f6e7cf8b78e6f8320ae40d5800551d77b8120a0b9b88c65cc8780a86dd2c5c9

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 07:33:04 GMT
x-original-content-length: 738091
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: STALE
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 274054
cross-origin-resource-policy: cross-origin
content-length: 68131
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Webserver
etag: W/"PSA-aj-tVBFsauLnn"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=602084, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: 7Bp59N8qDrkuGtjoLDv8RGcdcP6HJ0tfs_DUDUceBMJW_gXOMt8taA==
expires: Mon, 04 Mar 2024 06:47:49 GMT

GET
H2 200 animate.m.css Show response
cdn.xilo.net/xv3/css/ 60 KB
5 KB 82ms
82ms XHR
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/animate.m.css

Requested by

Host: stats.xilo.net
URL: https://stats.xilo.net/m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

c56c1b88de91b214568b7bb434bd528dc458b5efa864a8b229173f5388f2066e

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 04:06:26 GMT
x-original-content-length: 61274
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: STALE
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 286452
cross-origin-resource-policy: cross-origin
content-length: 4028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Webserver
etag: W/"PSA-aj-FD6EFYlTC8"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=599191, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: CrYJPRtuixIwUUpQHoVpOx0h4t00H6Vi_0NM9igS8hq4C46TtJVWng==
expires: Mon, 04 Mar 2024 02:32:58 GMT

GET
H2 200 slick.m.css Show response
cdn.xilo.net/xv3/css/ 1 KB
2 KB 83ms
83ms XHR
text/css 2600:9000:223c:a200:a:7956:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xilo.net/xv3/css/slick.m.css

Requested by

Host: stats.xilo.net
URL: https://stats.xilo.net/m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a200:a:7956:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Webserver /

Resource Hash

3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39

Security Headers

Name	Value
Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Security-Policy	default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://wearepromo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 05:46:04 GMT
x-original-content-length: 1329
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache-status: MISS
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-via: lb01
age: 349920
cross-origin-resource-policy: cross-origin
content-length: 487
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Feb 2020 16:01:37 GMT
server: Webserver
etag: W/"5e4ffee1-531"
expect-ct: max-age=0, report-uri="https://xcdn.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://xcdn.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=(), interest-cohort=()
vary: Accept-Encoding
x-webkit-csp: default-src *; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
x-amz-cf-id: Hn7l5AbS7UsNtI4U9-Ay2L6GU_OHry8wxmTYq-f5M98yDuf53oCDhg==
expires: Mon, 26 Feb 2024 05:46:04 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wearepromo.net/	1970-01-21 04:12:42	Name: _pk_id.glojqojDke.4d80 Value: 2353fd5f3b1579d4.1709206838.
			wearepromo.net/	1970-01-20 18:46:48	Name: _pk_ses.glojqojDke.4d80 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	URL: http://wearepromo.net/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	error	URL: http://wearepromo.net/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://.xilo.net; img-src 'self' blob: data: https://.xilo.net; media-src 'self' data: https://.xilo.net; frame-src ; font-src ; form-action 'self' https://.xilo.net; connect-src 'self' https://.xilo.net; prefetch-src 'self' https://.xilo.net; manifest-src 'self' https://.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Security-Policy	default-src 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.xilo.net; object-src 'none'; style-src 'self' data: 'unsafe-inline' https://.xilo.net; img-src 'self' blob: data: https://.xilo.net; media-src 'self' data: https://.xilo.net; frame-src ; font-src ; form-action 'self' https://.xilo.net; connect-src 'self' https://.xilo.net; prefetch-src 'self' https://.xilo.net; manifest-src 'self' https://.xilo.net; frame-ancestors 'self'; report-uri https://xcdn.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.xilo.net
stat.xilo.net
stats.xilo.net
wearepromo.net
2600:9000:223c:a200:a:7956:6e80:93a1
91.199.78.231
95.215.174.140
95.215.174.141
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
076f188d6707d832f4f2a9b974cd000c9ca480d4b32b361823e883fe2fa605be
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39
4dfb99872b53d5095e167e40092c1fa40fa263986c7cd6d9823de699863be86e
55400b5d269a14668058d4f1895bb63ef34df261359e0eb545f4c646c9f48de5
6f6e7cf8b78e6f8320ae40d5800551d77b8120a0b9b88c65cc8780a86dd2c5c9
81076ec47d61ce34dc82f348c7b33edc81abd325380ea3b6431182ab16b26100
a8ca4b921b91f51fdf3f27954aa258c246e239d21b506a3b08458414ed8aa18d
c56c1b88de91b214568b7bb434bd528dc458b5efa864a8b229173f5388f2066e
d9107df6b6a2af8e68c66f8f304ddb3037ed68a0f955df86224359ab05708540
e356dfc84595fe09edde725c1606ed13189b4b35be71b0bfa535a70377448200
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f06b8111929406c5f4e774baa7422f19bc22ee90790975b785898a08012ed0b0

wearepromo.net Open in urlscan Pro 91.199.78.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

94 %HTTPS

25 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

278 kBTransfer

1777 kBSize

2 Cookies

5 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

wearepromo.net Open in urlscan Pro
91.199.78.231 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

278 kB
Transfer

1777 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions