urlscan.io logo urlscan.io
SecurityTrails logo

freshpromocode.warmupguy.com Open in urlscan Pro
104.200.73.33  Public Scan

Go To Rescan Add Verdict Report
URL: https://freshpromocode.warmupguy.com/
Submission: On November 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 104.200.73.33, located in United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is freshpromocode.warmupguy.com.
TLS certificate: Issued by R11 on November 29th 2024. Valid for: 3 months.
This is the only time freshpromocode.warmupguy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.200.73.33 8100 (ASN-QUADR...)
12 2600:9000:20a... 16509 (AMAZON-02)
2 3.160.150.112 16509 (AMAZON-02)
2 216.58.206.35 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.100 15169 (GOOGLE)
19 6
1    104.200.73.33 (United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
freshpromocode.warmupguy.com
12    2600:9000:20ae:bc00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
2    3.160.150.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-112.fra60.r.cloudfront.net
events.framer.com
2    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
12 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 25787
446 KB
4 google.com
maps.google.com — Cisco Umbrella Rank: 2863
www.google.com — Cisco Umbrella Rank: 3
268 B
2 gstatic.com
fonts.gstatic.com
31 KB
2 framer.com
events.framer.com — Cisco Umbrella Rank: 40059
7 KB
1 warmupguy.com
freshpromocode.warmupguy.com
13 KB
19 5
Domain Requested by
12 framerusercontent.com freshpromocode.warmupguy.com
2 www.google.com freshpromocode.warmupguy.com
2 maps.google.com 2 redirects
2 fonts.gstatic.com freshpromocode.warmupguy.com
2 events.framer.com freshpromocode.warmupguy.com
events.framer.com
1 freshpromocode.warmupguy.com
19 6

This site contains no links.

Subject Issuer Validity Valid
freshpromocode.warmupguy.com
R11		 2024-11-29 -
2025-02-27		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M03		 2024-11-16 -
2025-12-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://freshpromocode.warmupguy.com/
Frame ID: BA770556F709B3F0E12C29CAF90820B2
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
Frame ID: 5A347CE983E0F609D2A9C0B9CF4FF368
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
Frame ID: C076E0EA1B285E3E46FDD20C55BFB901
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Coupons & Promo Codes

Page Statistics

19
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

497 kB
Transfer

1110 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://maps.google.com/maps?q=37.7749,122.4194&z=18&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
Request Chain 11
  • https://maps.google.com/maps?q=37.7749,122.4194&z=18&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freshpromocode.warmupguy.com/ 		109 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://freshpromocode.warmupguy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.200.73.33 , United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.59 (Debian) /
Resource Hash
138d61cc8e0a2586da6564b23aea5fba5723b445e7cd811ea02cd0bea37df421

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
12636
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Nov 2024 16:28:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.59 (Debian)
Vary
Accept-Encoding
chunk-ZKF2QIGM.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		644 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/chunk-ZKF2QIGM.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a6c00d803f2ae1d51fcbc775a1c0b0cf0fc783601d8130525e6707a17b72b1d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"dbda816a1e74d9c0fef225211e5b1b40"
x-amz-version-id
RhqeE3T5E7RVURESqe1xEL0T4BmMXPGK
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
696MShdFPzPyPnIHsOtqDK_8L-7xJBsci0mPBxdWnQGi5ZzgxJNsVg==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=274,cdn-upstream-fbl;dur=499,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="696MShdFPzPyPnIHsOtqDK_8L-7xJBsci0mPBxdWnQGi5ZzgxJNsVg==",cdn-downstream-fbl;dur=542
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-JR5VT52U.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/chunk-JR5VT52U.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"8dc2caa5dfa40c0964a44a081b0b17d9"
x-amz-version-id
1iR0YZ2ck4JYmIXPmz99BhBprlC6UYNA
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
_8xMFES7yrhxiO42zxHUPAqO24POUgMFRnSK8SIe1R3BnO8oWAz3IA==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=278,cdn-upstream-fbl;dur=445,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="_8xMFES7yrhxiO42zxHUPAqO24POUgMFRnSK8SIe1R3BnO8oWAz3IA==",cdn-downstream-fbl;dur=481
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-RIUMFBNJ.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/chunk-RIUMFBNJ.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
etag
"30ed32fa3444df726bb60d89113cf478"
x-amz-version-id
2L6CqIv7cKZWqGLeeo1Cqhh1khLtQ2h6
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Bj95_w_sjzRjWgUW9przsp9mUUrNBFbKp8soslmKXGkwWO_fTb6euA==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=272,cdn-upstream-fbl;dur=408,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Bj95_w_sjzRjWgUW9przsp9mUUrNBFbKp8soslmKXGkwWO_fTb6euA==",cdn-downstream-fbl;dur=441
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
447
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
W_s_F4Wrj4r5Ro13Qli_X-mdm_MpJJs0R49jb7MKfEA.32QGIUL4.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		57 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/W_s_F4Wrj4r5Ro13Qli_X-mdm_MpJJs0R49jb7MKfEA.32QGIUL4.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
83be79a390deac89bc28b0b9f8450ea3b6ab94e54fe49a55777ca7c7070dcc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"89a9d7e9e8605e056cf410fdc765cc7a"
x-amz-version-id
uLSsORwXzXLlAco20ccZA1SKA5fBx_ue
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
2Ny4bP_C3jjGIXXjM0oS85jKSv2ZahPKYMTlKp49ibgOnniyp4YcOQ==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=273,cdn-upstream-fbl;dur=428,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="2Ny4bP_C3jjGIXXjM0oS85jKSv2ZahPKYMTlKp49ibgOnniyp4YcOQ==",cdn-downstream-fbl;dur=461
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-EU5OMVJT.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		754 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/chunk-EU5OMVJT.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c33cb220fbdfcc5ce863c6020e52979c4b05975daf5ac5d213aca2323dbc0e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
etag
"12ee7d2d331f5f2dc15e5c7801521738"
x-amz-version-id
BM6iZWShzjVPjwIohqG8XS.MSPdFWyOn
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
PeeMsoVZdO_Bl8_2mYUbx4QtXul5VczoxZFi2drQyiSQ6HjQ0D5LhQ==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=276,cdn-upstream-fbl;dur=434,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="PeeMsoVZdO_Bl8_2mYUbx4QtXul5VczoxZFi2drQyiSQ6HjQ0D5LhQ==",cdn-downstream-fbl;dur=460
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
754
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-42U43NKG.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		44 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/chunk-42U43NKG.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
x-amz-version-id
dtaq8fqk8rzFGaN2xSRgTlxsQQm8wNBz
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
UxK81zXDZ2dvgTUh8TKPJ4JM3dvxM7Mql9S73MotGKlR4BlZqtqtvQ==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=274,cdn-upstream-fbl;dur=392,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="UxK81zXDZ2dvgTUh8TKPJ4JM3dvxM7Mql9S73MotGKlR4BlZqtqtvQ==",cdn-downstream-fbl;dur=428
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
44
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script_main.EUWGV7NU.mjs
framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/54gkxpKs2NviobRz54wLJ8/script_main.EUWGV7NU.mjs
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d7eaaa2eb82195c7a15e081ffe8b2e2d76c9a649f8a8ec806a9ff48303e8828c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"713b909fc006accfaa4750113bb140f3"
x-amz-version-id
DX9ET7RRNXXpu.2z3M_i1ehF8lDQBHUd
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
AAe6lcTvTOE9_B8WFNK8Yt0jIplrYV4DnnmepnudQFs257tSnst35w==
date
Fri, 29 Nov 2024 16:28:26 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 09:48:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=277,cdn-upstream-fbl;dur=452,cdn-cache-miss,cdn-pop;desc="MUC50-P5",cdn-rid;desc="AAe6lcTvTOE9_B8WFNK8Yt0jIplrYV4DnnmepnudQFs257tSnst35w==",cdn-downstream-fbl;dur=479
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 f9e9a2e2a630392daf40b42b49debe88.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script
events.framer.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-112.fra60.r.cloudfront.net
Software
/
Resource Hash
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18177
timestamp
Fri, 29 Nov 2024 16:28:17 GMT
content-encoding
gzip
x-amz-apigw-id
CBHChH9EoAMELmg=
x-amzn-trace-id
Root=1-6749eba9-50225d8646b3225233477c8e
x-amzn-requestid
27044cfd-ca0f-4179-85d5-b95472ba0ebb
via
1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6204
x-amz-cf-id
niQcDzX68SJH8RS6nBSa3v3LIJKs8i3sASu5AK4cmHMau6C0JcHHaw==
date
Fri, 29 Nov 2024 16:28:25 GMT
content-type
text/javascript
x-amz-cf-pop
FRA60-P7
2V08KIcADoYhV6w87xrTKjs4CYElh_VS9YA4TlTnQzaVMIE6j15dYY1qu_6RBb8.woff2
fonts.gstatic.com/s/martianmono/v3/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martianmono/v3/2V08KIcADoYhV6w87xrTKjs4CYElh_VS9YA4TlTnQzaVMIE6j15dYY1qu_6RBb8.woff2
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
sffe /
Resource Hash
2cc6314007f35ea2cbcb833562cc7fa453713900990e53809db542f3cdbef915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

age
170036
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 17:14:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 17:14:29 GMT
last-modified
Thu, 23 Feb 2023 18:17:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9100
x-xss-protection
0
server
sffe
XLYkIZL7aopJVbZJHDuoOulH.woff2
fonts.gstatic.com/s/limelight/v19/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/limelight/v19/XLYkIZL7aopJVbZJHDuoOulH.woff2
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
sffe /
Resource Hash
ba3e86ecc0e1ce145784f4eb7fb593af683e88568336ea2ae9c26a486ffe0dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freshpromocode.warmupguy.com
Referer
https://freshpromocode.warmupguy.com/

Response headers

age
323473
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 22:37:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 22:37:12 GMT
last-modified
Thu, 24 Aug 2023 20:56:34 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23080
x-xss-protection
0
server
sffe
embed
www.google.com/maps/ Frame 5A34
Redirect Chain
  • https://maps.google.com/maps?q=37.7749,122.4194&z=18&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-UddCo4kgaFsqTdBdpBzaEw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freshpromocode.warmupguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
907
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-UddCo4kgaFsqTdBdpBzaEw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 16:28:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 29 Nov 2024 16:28:25 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
embed
www.google.com/maps/ Frame C076
Redirect Chain
  • https://maps.google.com/maps?q=37.7749,122.4194&z=18&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-8FYBsgMxd3xWiuLEZXrkAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freshpromocode.warmupguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
908
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-8FYBsgMxd3xWiuLEZXrkAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 16:28:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 29 Nov 2024 16:28:25 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s37.7749,122.4194!6i18
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GwNRdWKo1mqpoZjCM8gNp0aKD5w.jpg
framerusercontent.com/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/GwNRdWKo1mqpoZjCM8gNp0aKD5w.jpg?scale-down-to=1024
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5a357eea5e0c4038b208e4dd3f361defc13875bc3049566873e1c37dcfebd1a8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

etag
"9f29666882475e7b567dceb66ea12c70"
age
1667266
x-content-type-options
nosniff
x-amzn-requestid
79ba81a6-6f20-4e99-b419-cc60db2644bc
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WsvhG0r2b5J2sptLrVBEfhzGCgje7Yg_Xj1k3FgrzUuxeMwnDsiX6Q==
date
Sun, 10 Nov 2024 09:20:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="WsvhG0r2b5J2sptLrVBEfhzGCgje7Yg_Xj1k3FgrzUuxeMwnDsiX6Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67307ae3-3d15946370959469498318ab;Parent=13e6e8fac71b66ef;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
STAaD6YusWIkS3PQpeRJmO2ERGc.jpg
framerusercontent.com/images/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/STAaD6YusWIkS3PQpeRJmO2ERGc.jpg?scale-down-to=1024
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76e0ab24aecb9244a546d9b20e5846b72c77676c99fe8ba49dd989924860a9d7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

etag
"eb2a888b65e10106f4a2699d9c49415b"
age
1349538
x-content-type-options
nosniff
x-amzn-requestid
078fa2ba-37d8-4a11-b501-dac2be1a0e83
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3KJ9al0BETx0-f337iQ_fkhj6D_pyvV8HM4UG7vFntfzd6kAXL7PIg==
date
Thu, 14 Nov 2024 01:36:07 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="3KJ9al0BETx0-f337iQ_fkhj6D_pyvV8HM4UG7vFntfzd6kAXL7PIg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67355405-1da3a16b25e4ddb57fa56190;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
XmIbQkPM27qGNUoGz1Fz9jmou2M.jpg
framerusercontent.com/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/XmIbQkPM27qGNUoGz1Fz9jmou2M.jpg?scale-down-to=1024
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
00cf586e2ddb1525c60b81b217262d08b8b86f14fa73cdaa63487a6b429f6b61
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

etag
"a58931ae46d5c677cb76db86cf131496"
age
551684
x-content-type-options
nosniff
x-amzn-requestid
8c647de7-e38d-4df2-ae3a-699ce7c11da3
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pX1OplJ82OltHX6NeLudnXY-IDNGTX6_nMexpP0bgQcBWcmT0ssvKg==
date
Sat, 23 Nov 2024 07:13:41 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="pX1OplJ82OltHX6NeLudnXY-IDNGTX6_nMexpP0bgQcBWcmT0ssvKg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=24
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-674180a0-029650c94ea118620b66bd4d;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
iDmUzjlGerMVwLRBJjN9gk3XvVg.jpg
framerusercontent.com/images/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/iDmUzjlGerMVwLRBJjN9gk3XvVg.jpg?scale-down-to=1024
Requested by
Host: freshpromocode.warmupguy.com
URL: https://freshpromocode.warmupguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcb49db23b57f6a76474a681dd39df68b94614e0539aea748600c3d961679619
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

etag
"3adccc4ac3a03cc3c9402967342d1a08"
age
6546565
x-content-type-options
nosniff
x-amzn-requestid
622273aa-f26e-403e-8051-26a788c503a2
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lgY5sp6KsjAzaSyucJH6kCy53GvidmOtQS7QXErrLs9zYeYIF-btVg==
date
Sat, 14 Sep 2024 21:59:00 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="lgY5sp6KsjAzaSyucJH6kCy53GvidmOtQS7QXErrLs9zYeYIF-btVg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
root=1-66e60721-03f7ac0954bb0c5522c9ed87;sampled=1;lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
truncated
/ 		270 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acbc491377a38e07a5b9312ab3fbbcc02b309cffe17e36ed6ed5f2a8c1b71005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		270 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610ab1489329f431142a85e72930e87269e2bbf782146091e5dc081dfb06bec3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		270 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63cdc7bc6bc3d6894243a7b671f8843d38981c8ce827e49201239cb0d6792988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		859 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d46dee71447b6be359c351c8f5e5b8ab05f8293f4ee9d7d18b369386e4ce633

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		801 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6ea10bbb49abeb8e7002e013e52642400c226fe000dbc131990d1dc97c49e76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebdaf6a33f0f5d6e5e0eed37d9842a8ac6051918c591af4197ae2a5dd8c44b1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		712 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f06cca639c011b63f8fdea96200702a1bf1a495a46112a9fed5c52d8de1d34b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
anonymous
events.framer.com/ 		0
378 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-112.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://freshpromocode.warmupguy.com/

Response headers

x-amz-apigw-id
CBHCiEPboAMEmWQ=
x-amzn-trace-id
Root=1-6749eba9-3400b78d4a2f73950d3c0bde;Parent=233eed0c19191a27;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
f3c2c075-4d19-44d1-9ca2-8b46883a0258
via
1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Tw2LwVnT6M7gHnYA5rWO3ye6MBFudWeq1Kr63d8CB-jrI-_npsHIfQ==
date
Fri, 29 Nov 2024 16:28:25 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P7
default-favicon-light.v1.png
framerusercontent.com/sites/icons/ 		223 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/icons/default-favicon-light.v1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:bc00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a8c604f5780004055234eb042141127c52abe99560f73a8f68395bff99c38ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freshpromocode.warmupguy.com/

Response headers

etag
"810193ede98443698ba6b54575e9cf3c"
x-amz-version-id
dgbvKJ9XpmzIkVgas8SCOAM0nMV709at
age
6130695
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4hzi_N_mTz-_0CSFXo-6_oNLMpVI_R08CIRqoYgLMBtAWprPmNa4HQ==
date
Thu, 19 Sep 2024 17:30:12 GMT
content-type
image/png
last-modified
Mon, 09 Sep 2024 13:55:53 GMT
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="4hzi_N_mTz-_0CSFXo-6_oNLMpVI_R08CIRqoYgLMBtAWprPmNa4HQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
223
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| __framer_onRewriteBreakpoints function| __send_framer_event object| __framer_events

3 Cookies

Domain/Path Name / Value
freshpromocode.warmupguy.com/ Name: PHPSESSID
Value: 8serusp5hctavmeut7fks4oftb
.freshpromocode.warmupguy.com/ Name: _subid
Value: 32q3qalig63
.freshpromocode.warmupguy.com/ Name: 3d444
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wiY2FtcGFpZ25zXCI6e1wiNzEyXCI6MTczMjg5NzcwNX0sXCJ0aW1lXCI6MTczMjg5NzcwNX0ifQ.eiIjSaxY_NwSXESi6HCC4KBJHQg6dh8TNg8KZjKaHmo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.framer.com
fonts.gstatic.com
framerusercontent.com
freshpromocode.warmupguy.com
maps.google.com
www.google.com
104.200.73.33
142.250.186.100
216.58.206.35
2600:9000:20ae:bc00:d:ada1:a280:93a1
2a00:1450:4001:831::200e
3.160.150.112
00cf586e2ddb1525c60b81b217262d08b8b86f14fa73cdaa63487a6b429f6b61
138d61cc8e0a2586da6564b23aea5fba5723b445e7cd811ea02cd0bea37df421
2cc6314007f35ea2cbcb833562cc7fa453713900990e53809db542f3cdbef915
2d46dee71447b6be359c351c8f5e5b8ab05f8293f4ee9d7d18b369386e4ce633
5a357eea5e0c4038b208e4dd3f361defc13875bc3049566873e1c37dcfebd1a8
610ab1489329f431142a85e72930e87269e2bbf782146091e5dc081dfb06bec3
63cdc7bc6bc3d6894243a7b671f8843d38981c8ce827e49201239cb0d6792988
76e0ab24aecb9244a546d9b20e5846b72c77676c99fe8ba49dd989924860a9d7
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
83be79a390deac89bc28b0b9f8450ea3b6ab94e54fe49a55777ca7c7070dcc94
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
a6c00d803f2ae1d51fcbc775a1c0b0cf0fc783601d8130525e6707a17b72b1d1
a8c604f5780004055234eb042141127c52abe99560f73a8f68395bff99c38ec4
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
acbc491377a38e07a5b9312ab3fbbcc02b309cffe17e36ed6ed5f2a8c1b71005
ba3e86ecc0e1ce145784f4eb7fb593af683e88568336ea2ae9c26a486ffe0dfc
c33cb220fbdfcc5ce863c6020e52979c4b05975daf5ac5d213aca2323dbc0e01
c6ea10bbb49abeb8e7002e013e52642400c226fe000dbc131990d1dc97c49e76
d7eaaa2eb82195c7a15e081ffe8b2e2d76c9a649f8a8ec806a9ff48303e8828c
dcb49db23b57f6a76474a681dd39df68b94614e0539aea748600c3d961679619
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebdaf6a33f0f5d6e5e0eed37d9842a8ac6051918c591af4197ae2a5dd8c44b1c
f06cca639c011b63f8fdea96200702a1bf1a495a46112a9fed5c52d8de1d34b4