rl-promos.com Open in urlscan Pro
95.181.157.84 Public Scan

URL:
https://rl-promos.com/
Submission: On August 08 via manual (August 8th 2021, 12:01:37 pm UTC) from DE

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 95.181.157.84, located in Russian Federation and belongs to MSKHOST, RU. The main domain is rl-promos.com.
TLS certificate: Issued by R3 on August 8th 2021. Valid for: 3 months.

This is the only time rl-promos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	95.181.157.84 95.181.157.84	211390 (MSKHOST) (MSKHOST)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2.16.107.25 2.16.107.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:ab00:110... 2a00:ab00:1103:7::7	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:47a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.79.145.15 23.79.145.15	16625 (AKAMAI-AS) (AKAMAI-AS)
21	8

11 95.181.157.84 (Russian Federation) 2 redirects

ASN211390 (MSKHOST, RU)
PTR: reverse.proxy

rl-promos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.107.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-25.deploy.static.akamaitechnologies.com

cdn.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ab00:1103:7::7 (Russian Federation)

ASN49505 (SELECTEL, RU)

kikimoraki.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47a6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.rl.insider.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.145.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-145-15.deploy.static.akamaitechnologies.com

steamcommunity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rl-promos.com 2 redirects rl-promos.com	942 KB
5	steamstatic.com cdn.akamai.steamstatic.com	54 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	steamcommunity.com steamcommunity.com	38 KB
1	insider.gg img.rl.insider.gg	5 KB
1	kikimoraki.ru kikimoraki.ru	50 KB
21	7

	Domain	Requested by
11	rl-promos.com	2 redirects rl-promos.com
5	cdn.akamai.steamstatic.com	rl-promos.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	rl-promos.com
1	steamcommunity.com	rl-promos.com
1	img.rl.insider.gg	rl-promos.com
1	kikimoraki.ru	rl-promos.com
21	7

This site contains links to these domains. Also see Links.

Domain
steamcommunity.com

Subject Issuer	Validity	Valid
rl-promos.com R3	`2021-08-08` - `2021-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
cdn.akamai.steamstatic.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
kikimoraki.ru Sectigo RSA Domain Validation Secure Server CA	`2019-11-02` - `2021-11-02`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
insider.gg Cloudflare Inc ECC CA-3	`2020-09-16` - `2021-09-16`	a year	crt.sh
store.steampowered.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2022-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rl-promos.com/
Frame ID: 982029E8DA90FF74B3B3B570F1E489DA
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rl-promos.com/ HTTP 307
https://rl-promos.com/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1125 kB
Transfer

2482 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://steamcommunity.com/profiles/76561198148569723
Title: phaepich

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/id/hxysh/
Title: heysh

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/id/uc40/
Title: UC40

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/id/Ertrut10/
Title: Ertrut10

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/profiles/76561198337338246
Title: -Lew1s

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rl-promos.com/ HTTP 307
https://rl-promos.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://rl-promos.com/analytics HTTP 307
https://rl-promos.com/analytics

21 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
rl-promos.com/
Redirect Chain

https://rl-promos.com/
https://rl-promos.com/

1 MB
823 KB

264ms
148ms

Document
text/html

95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 54afbef48c5322ca7ae70fa99971d91bc9e9a7bbf57e813ed9b7b79bdc26fb37

Request headers

Host: rl-promos.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache, private
Date: Sun, 08 Aug 2021 12:01:19 GMT
Set-Cookie: lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G; expires=Wed, 11-Aug-2021 12:01:19 GMT; Max-Age=259200; path=/; httponly
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 08 Aug 2021 12:01:18 GMT
Content-Type: text/html
Content-Length: 180
Connection: close
Set-Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; path=/; SameSite=Strict _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Location: https://rl-promos.com/

GET
H2 200 css2
fonts.googleapis.com/ 764 B
871 B 34ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Black+Ops+One&display=swap

Requested by

Host: rl-promos.com
URL: https://rl-promos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a2be86ba5162cda7d9daf092f311337373a32a8ab8e7a0df1ea8c7e1b4ea3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 11:54:40 GMT
server: ESF
date: Sun, 08 Aug 2021 12:01:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 12:01:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
490 B 41ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo&display=swap

Requested by

Host: rl-promos.com
URL: https://rl-promos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9761e420af3328d27d24e7ea50ebe0b50d23f5c64d4ebd2dbadb07e809961e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 11:40:42 GMT
server: ESF
date: Sun, 08 Aug 2021 12:01:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 12:01:19 GMT

GET
H/1.1 200
OK Cookie set auth.js Show response
rl-promos.com/api/js/ 12 KB
4 KB 237ms
52ms Script
application/javascript 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bd2caae5ed69b0225831ec6ab1a27240635cc4eca47b9427ec7711bf763558d1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 02:18:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"610c9c10-2eb5"
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
DATA 200
OK truncated
/ 566 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e6ce3a249eb26188b2c27fc1646f4f9f9e1da178479d05e81a44dca73a2b0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK 9d6e419a41c764f216503cbfd793a1dca85003ef_full.jpg
cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/9d/ 13 KB
13 KB 199ms
65ms Image
image/jpeg 2.16.107.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/9d/9d6e419a41c764f216503cbfd793a1dca85003ef_full.jpg
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-25.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6cf14f810cfcce11a07fd8ef540e4c1fb98920ed230326f32d3a5b71735e7ed0

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Sat, 05 Dec 2020 20:14:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fcbea12-3482"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=305900942
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13442
Expires: Sat, 19 Apr 2031 00:30:21 GMT

GET
H/1.1 200
OK unnamed.jpg
kikimoraki.ru/wp-content/uploads/2020/08/ 50 KB
50 KB 239ms
95ms Image
image/jpeg 2a00:ab00:1103:7::7
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kikimoraki.ru/wp-content/uploads/2020/08/unnamed.jpg

Requested by

Host: rl-promos.com
URL: https://rl-promos.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:ab00:1103:7::7 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0f138218479efaa6dd5187190a436c850de803d372505c07226ec0a5bd8acb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Wed, 05 Aug 2020 14:17:02 GMT
Server: nginx/1.18.0
ETag: "5f2abf5e-c85d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51293
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2477a47ccd6acd638c9ffaf3cfc000914620303a_full.jpg
cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/24/ 17 KB
18 KB 198ms
64ms Image
image/jpeg 2.16.107.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/24/2477a47ccd6acd638c9ffaf3cfc000914620303a_full.jpg
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-25.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e44ff5b38c2a866dadfd93a141e5673270e3f487e59dd2fd48c1a7d85521943

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Sun, 28 Mar 2021 21:10:31 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6060f0c7-45fc"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=303989176
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17916
Expires: Thu, 27 Mar 2031 21:27:35 GMT

GET
DATA 200
OK truncated
/ 27 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dd9d5a6cc9749989558dd8c4041c6efc7f73e281399dc72230f1dca9b5d7207

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f80860fcf9b84db072ad3e4483f7c268728aef2172492048fbdbb42c463cdd3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK 9a3fc051c2441abfe94ed67bc2c57ab2b69583e2_full.jpg
cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/9a/ 6 KB
7 KB 204ms
65ms Image
image/jpeg 2.16.107.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/9a/9a3fc051c2441abfe94ed67bc2c57ab2b69583e2_full.jpg
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-25.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 22216b96805f132f356206738cb51c94ec92dade305228e3af1de4cf4a120e10

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Tue, 23 Mar 2021 21:48:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "605a6216-193a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=310106920
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6458
Expires: Fri, 06 Jun 2031 16:49:59 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v10/ 20 KB
20 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://rl-promos.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 19:08:24 GMT
x-content-type-options: nosniff
age: 492775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20672
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:08:24 GMT

GET
H2 200 qWcsB6-ypo7xBdr6Xshe96H3aDvbtw.woff2
fonts.gstatic.com/s/blackopsone/v12/ 14 KB
14 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/blackopsone/v12/qWcsB6-ypo7xBdr6Xshe96H3aDvbtw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Black+Ops+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

835148f1434f9f8a36f20c8ebdb0217c6b7e23d5ce11c7bf5497916bd0764296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://rl-promos.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:51:25 GMT
x-content-type-options: nosniff
age: 443394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13824
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:51:25 GMT

GET
DATA 200
OK truncated
/ 39 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baed6517fbda1d1f11aed1229f0fe5cd55ee043d14cc35238129d7a6f1b66bed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 6855fa3050c4d903e57cd29b4b45233f0501749d_full.jpg
cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/68/ 9 KB
10 KB 190ms
68ms Image
image/jpeg 2.16.107.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/68/6855fa3050c4d903e57cd29b4b45233f0501749d_full.jpg
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-25.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: efb6deb68a7c30910282fb0cd7f18c60042b537daabaa8fc3e029fd2cc1b5933

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Sun, 12 Jul 2020 00:49:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f0a5e26-2574"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=311741440
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9588
Expires: Wed, 25 Jun 2031 14:51:59 GMT

GET
H/1.1 200
OK 812e0a5598d501351aa1467098cb61fd9c87ddbd_full.jpg
cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/81/ 6 KB
6 KB 188ms
65ms Image
image/jpeg 2.16.107.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/81/812e0a5598d501351aa1467098cb61fd9c87ddbd_full.jpg
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-25.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4077a82a927c6818aef9134b2ee600bdb893121e1cee00b212b151687863ecc1

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Sun, 14 Feb 2021 22:11:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "60299ffa-1840"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=310705319
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6208
Expires: Fri, 13 Jun 2031 15:03:18 GMT

GET
H2 200 dingo.white.43db.jpg
img.rl.insider.gg/itemPics/large/ 5 KB
5 KB 45ms
16ms Image
image/webp 2606:4700:20::ac43:47a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.rl.insider.gg/itemPics/large/dingo.white.43db.jpg

Requested by

Host: rl-promos.com
URL: https://rl-promos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.19

Resource Hash

692620ca20060f01a68de5f2cc42fff13d978ec04cb6cdf3119db76f590d1208

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 12:01:19 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
x-powered-by: PHP/7.3.19
content-disposition: inline; filename="dingo.webp"
content-length: 4718
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG89LNYHMcY49MDMFSektZrOdzPVnNr5c%2FyIUzw%2F8AZrQ6%2Ft%2Fq1fL1vsiwRi1RMQw99ElxOcDK13f5k5bArRIfkHgLJTZVFKPqkxi2xIZz01Nm4kDyWi5dRfPycPNxNnTbtXmUpUTAa5cgx%2FRxUv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
cf-polished: qual=85, origFmt=jpeg, origSize=7661
accept-ranges: bytes
cf-ray: 67b896e24af4430f-FRA

GET
H/1.1 200
OK Cookie set e1afcf68e40684418c755c5b7ec1e9c4.js Show response
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 87 KB
31 KB 209ms
93ms Script
application/javascript 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/e1afcf68e40684418c755c5b7ec1e9c4.js
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-15d84"
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK Cookie set f6255796b2980d9403f02498c32f5e78.js Show response
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 21 KB
5 KB 179ms
64ms Script
application/javascript 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/f6255796b2980d9403f02498c32f5e78.js
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fce224082565923a5cc7ca12b35e15508a1a67e4d7d44bc3792141d178ae2e42

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-537a"
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK Cookie set 703be1832828875be929495c6e1bb310.js Show response
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 248 KB
68 KB 230ms
111ms Script
application/javascript 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/703be1832828875be929495c6e1bb310.js
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-3dee5"
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK Cookie set 2ba131b3bdaf4606933d9489e9b19678.css
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 6 KB
2 KB 163ms
57ms Stylesheet
text/css 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/2ba131b3bdaf4606933d9489e9b19678.css
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 971e6f73475a64ef49015b44bffac0dbe85571d75469c73008e408d72e08986e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-19da"
Transfer-Encoding: chunked
Connection: close
Content-Type: text/css
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK Cookie set 73705f5d97f5f8641567f92d29d24a1f.css
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 10 KB
3 KB 165ms
58ms Stylesheet
text/css 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/73705f5d97f5f8641567f92d29d24a1f.css
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d16cdafd428a4515388b2e6ad66cc6c83a23125acf97762d14ecab413e75366

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-2966"
Transfer-Encoding: chunked
Connection: close
Content-Type: text/css
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK Cookie set thisisnotjquery.min.css
rl-promos.com/f05a83365d92eb68cbd7161906db0622/ 16 KB
4 KB 166ms
56ms Stylesheet
text/css 95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/f05a83365d92eb68cbd7161906db0622/thisisnotjquery.min.css
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/api/js/auth.js?id=e4ad1ff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2c26c308e6570e5fdf8a8e67f271f6bb06fc7eeda51aed7e65b8505f0f4320bb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: rl-promos.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://rl-promos.com/
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3; lumen_session=4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
Connection: keep-alive
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 19:01:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60f1d795-41fc"
Transfer-Encoding: chunked
Connection: close
Content-Type: text/css
Cache-Control: max-age=3600
Set-Cookie: _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Expires: Sun, 08 Aug 2021 13:01:19 GMT

GET
H/1.1 200
OK favicon.ico
steamcommunity.com/ 38 KB
38 KB 286ms
106ms Image
image/x-icon 23.79.145.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcommunity.com/favicon.ico
Requested by: Host: rl-promos.com
URL: https://rl-promos.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.145.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-145-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

Request headers

Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:19 GMT
Last-Modified: Tue, 18 Sep 2018 23:32:59 GMT
Server: nginx
Content-Type: image/x-icon
Cache-Control: public,max-age=86400
Connection: keep-alive
Content-Length: 38554
Expires: Tue, 06 Jul 2021 07:29:10 GMT

POST
H/1.1

500
Internal Server Error

Cookie set analytics Show response
rl-promos.com/
Redirect Chain

https://rl-promos.com/analytics
https://rl-promos.com/analytics

831 B
1 KB

247ms
128ms

XHR
text/html

95.181.157.84
MSKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rl-promos.com/analytics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.181.157.84 , Russian Federation, ASN211390 (MSKHOST, RU),
Reverse DNS: reverse.proxy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f1d7dc82616bea86e20962da8a09b76d334cf78e5d45f6837543a34439a0587f

Request headers

Sec-Fetch-Mode: cors
Origin: https://rl-promos.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; _TDG=fc4798f3352a47def015b3a8c9e373f3
Connection: keep-alive
Content-Length: 136
Pragma: no-cache
Host: rl-promos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGYLfN2pmKYNilN2o
Accept: */*
Cache-Control: no-cache
Referer: https://rl-promos.com/
Sec-Fetch-Site: same-origin
Referer: https://rl-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 12:01:29 GMT
Cache-Control: no-cache, private
Server: nginx/1.18.0 (Ubuntu)
Set-Cookie: lumen_session=SzNSAeWYNbOtePOl69GcRfbmpDdd1l5WsrO3gLab; expires=Wed, 11-Aug-2021 12:01:29 GMT; Max-Age=259200; path=/; httponly
Transfer-Encoding: chunked
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://rl-promos.com/analytics
Date: Sun, 08 Aug 2021 12:01:29 GMT
Connection: close
Server: nginx/1.18.0 (Ubuntu)
Set-Cookie: _tdg=fc4798f3352a47def015b3a8c9e373f3; path=/; SameSite=Strict _TDG=fc4798f3352a47def015b3a8c9e373f3;Path=/
Content-Length: 180
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rl-promos.com/	1969-12-31 23:59:59	Name: _TDG Value: fc4798f3352a47def015b3a8c9e373f3
rl-promos.com/	1970-01-19 20:24:43	Name: lumen_session Value: 4LfDtXSCF0TvUsj7IWgLxXQMHenyMigucxxZ0z7G
rl-promos.com/	1969-12-31 23:59:59	Name: _tdg Value: fc4798f3352a47def015b3a8c9e373f3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.akamai.steamstatic.com
fonts.googleapis.com
fonts.gstatic.com
img.rl.insider.gg
kikimoraki.ru
rl-promos.com
steamcommunity.com
2.16.107.25
23.79.145.15
2606:4700:20::ac43:47a6
2a00:1450:4001:800::2003
2a00:1450:4001:831::200a
2a00:ab00:1103:7::7
95.181.157.84
0f138218479efaa6dd5187190a436c850de803d372505c07226ec0a5bd8acb42
22216b96805f132f356206738cb51c94ec92dade305228e3af1de4cf4a120e10
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2c26c308e6570e5fdf8a8e67f271f6bb06fc7eeda51aed7e65b8505f0f4320bb
2e44ff5b38c2a866dadfd93a141e5673270e3f487e59dd2fd48c1a7d85521943
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
3a2be86ba5162cda7d9daf092f311337373a32a8ab8e7a0df1ea8c7e1b4ea3c7
3dd9d5a6cc9749989558dd8c4041c6efc7f73e281399dc72230f1dca9b5d7207
4077a82a927c6818aef9134b2ee600bdb893121e1cee00b212b151687863ecc1
54afbef48c5322ca7ae70fa99971d91bc9e9a7bbf57e813ed9b7b79bdc26fb37
5d16cdafd428a4515388b2e6ad66cc6c83a23125acf97762d14ecab413e75366
692620ca20060f01a68de5f2cc42fff13d978ec04cb6cdf3119db76f590d1208
6cf14f810cfcce11a07fd8ef540e4c1fb98920ed230326f32d3a5b71735e7ed0
82e6ce3a249eb26188b2c27fc1646f4f9f9e1da178479d05e81a44dca73a2b0c
835148f1434f9f8a36f20c8ebdb0217c6b7e23d5ce11c7bf5497916bd0764296
8f80860fcf9b84db072ad3e4483f7c268728aef2172492048fbdbb42c463cdd3
971e6f73475a64ef49015b44bffac0dbe85571d75469c73008e408d72e08986e
9761e420af3328d27d24e7ea50ebe0b50d23f5c64d4ebd2dbadb07e809961e22
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
baed6517fbda1d1f11aed1229f0fe5cd55ee043d14cc35238129d7a6f1b66bed
bd2caae5ed69b0225831ec6ab1a27240635cc4eca47b9427ec7711bf763558d1
efb6deb68a7c30910282fb0cd7f18c60042b537daabaa8fc3e029fd2cc1b5933
f1d7dc82616bea86e20962da8a09b76d334cf78e5d45f6837543a34439a0587f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fce224082565923a5cc7ca12b35e15508a1a67e4d7d44bc3792141d178ae2e42

rl-promos.com Open in urlscan Pro 95.181.157.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

1125 kBTransfer

2482 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

3 Cookies

Indicators

rl-promos.com Open in urlscan Pro
95.181.157.84 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1125 kB
Transfer

2482 kB
Size

3
Cookies

21 HTTP transactions
4 data transactions