www.claimpromo.colusmen.com Open in urlscan Pro
173.236.9.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.claimpromo.colusmen.com/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2021, 1:53:02 pm UTC)

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 46 HTTP transactions. The main IP is 173.236.9.28, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is www.claimpromo.colusmen.com.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.

This is the only time www.claimpromo.colusmen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	173.236.9.28 173.236.9.28	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 1	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
46	16

28 173.236.9.28 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: en08-phx.stablehost.com

www.claimpromo.colusmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.108.153 (United States) 1 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

afeld.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

emoji-css.afeld.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	colusmen.com www.claimpromo.colusmen.com	2 MB
3	facebook.com www.facebook.com	403 B
3	google.com 1 redirects www.google.com	88 B
2	google.de www.google.de	172 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net	1 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	facebook.net connect.facebook.net	113 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	maxcdn.com twemoji.maxcdn.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	afeld.me emoji-css.afeld.me	34 KB
1	github.io 1 redirects afeld.github.io	179 B
46	13

	Domain	Requested by
28	www.claimpromo.colusmen.com	www.claimpromo.colusmen.com
3	www.facebook.com	www.claimpromo.colusmen.com
3	www.google.com	1 redirects www.claimpromo.colusmen.com
2	www.google.de	www.claimpromo.colusmen.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	connect.facebook.net	www.claimpromo.colusmen.com connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	twemoji.maxcdn.com	emoji-css.afeld.me
1	www.googletagmanager.com	www.claimpromo.colusmen.com
1	ajax.googleapis.com	www.claimpromo.colusmen.com
1	emoji-css.afeld.me	www.claimpromo.colusmen.com
1	afeld.github.io	1 redirects
1	fonts.googleapis.com	www.claimpromo.colusmen.com
46	14

This site contains no links.

Subject Issuer	Validity	Valid
claimpromo.colusmen.com R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
emoji-css.afeld.me R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-09` - `2021-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.claimpromo.colusmen.com/
Frame ID: 8F9C63D4461F5E779EF9A50B871DB573
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

46
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

14
Subdomains

16
IPs

2
Countries

2522 kB
Transfer

4352 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://afeld.github.io/emoji-css/emoji.css HTTP 301
https://emoji-css.afeld.me/emoji.css

Request Chain 46

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rOIsYbPOOcblgQfQ0ZboAw&sscte=1&crd=&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcOjmVKXCnJN_6WJ53tEZT4rm8Nlf034_4 HTTP 302
https://www.google.com/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rOIsYbPOOcblgQfQ0ZboAw&cid=CAQSKQCNIrLM9x4ty1p4LXy_u4OF3ya-COpBXtAiCnlNVfV6sh0_sAq1yBEL&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcm3-tVXjKXLNsj10RVW9Zjxzj20KKGM2E&random=3194090851&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rOIsYbPOOcblgQfQ0ZboAw&cid=CAQSKQCNIrLM9x4ty1p4LXy_u4OF3ya-COpBXtAiCnlNVfV6sh0_sAq1yBEL&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcm3-tVXjKXLNsj10RVW9Zjxzj20KKGM2E&random=3194090851&resp=GooglemKTybQhCsO&ipr=y

46 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.claimpromo.colusmen.com/ 13 KB
4 KB 537ms
166ms Document
text/html 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 6b566d7c18edc87c4d83740f5cd6db51eb00f089fdd277bb1f7bd3fa279a3fcb

Request headers

:method: GET
:authority: www.claimpromo.colusmen.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Mon, 30 Aug 2021 13:52:43 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 5 KB
680 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,600

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c790a6188551550a1397e109c897001131058aeeb303f21bcf4692fbee3055c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:49:49 GMT
server: ESF
date: Mon, 30 Aug 2021 13:52:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 13:52:44 GMT

GET
H2 200 normalize.css
www.claimpromo.colusmen.com/ColisV5/skeleton/css/ 8 KB
2 KB 469ms
166ms Stylesheet
text/css 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/ColisV5/skeleton/css/normalize.css
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

Request headers

:path: /ColisV5/skeleton/css/normalize.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: br
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1e75-5f4fd40d-535cbe16caa75d2c;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2368
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 skeleton.css
www.claimpromo.colusmen.com/ColisV5/skeleton/css/ 11 KB
3 KB 471ms
169ms Stylesheet
text/css 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/ColisV5/skeleton/css/skeleton.css
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 36d129255cf069d36a50079521e3fb0a2a37b4cd343e6b94bbf0b9a5006aff5d

Request headers

:path: /ColisV5/skeleton/css/skeleton.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: br
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "2d47-5f4fd40d-5de7ec9c8dcb4fe3;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2546
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 custom.css
www.claimpromo.colusmen.com/ColisV5/css/ 7 KB
2 KB 473ms
171ms Stylesheet
text/css 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/ColisV5/css/custom.css
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 7103a09f04a9c4bb9e428f947f7de3d95093788a0c439125820840371eac3be8

Request headers

:path: /ColisV5/css/custom.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: br
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1ba6-5f4fd40d-3534fac2ba31f7ad;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1478
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2

200

emoji.css
emoji-css.afeld.me/
Redirect Chain

https://afeld.github.io/emoji-css/emoji.css
https://emoji-css.afeld.me/emoji.css

402 KB
34 KB

91ms
23ms

Stylesheet
text/css

185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://emoji-css.afeld.me/emoji.css
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 6b85f667ca7a1be5ca7fd71c0586158f5f20a87a0a595d0939345d0b3b018638

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: 2b2216785d337ad18194aee53f5dc4a516874b39
date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: gzip
age: 57
x-cache: HIT
content-length: 34216
x-served-by: cache-cdg20733-CDG
access-control-allow-origin: *
last-modified: Thu, 01 Oct 2020 11:41:42 GMT
server: GitHub.com
x-github-request-id: C0D2:0F59:64409A:678967:611DDD0C
x-timer: S1630331564.251243,VS0,VE0
etag: W/"5f75c076-646c4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 19 Aug 2021 04:11:05 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

Redirect headers

x-fastly-request-id: 23d2f36f7ff42a6f9787fbd898231c72b1dada23
date: Mon, 30 Aug 2021 13:52:44 GMT
via: 1.1 varnish
age: 1148
x-cache: HIT
content-length: 162
x-served-by: cache-cdg20725-CDG
server: GitHub.com
x-github-request-id: C46A:CE3F:206E7FF:2194683:612CDE30
x-timer: S1630331564.153991,VS0,VE1
vary: Accept-Encoding
content-type: text/html
location: https://emoji-css.afeld.me/emoji.css
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 21:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 21:15:05 GMT

GET
H2 200 header2.jpg
www.claimpromo.colusmen.com/ColisV5/images/ 181 KB
181 KB 466ms
165ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/header2.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: cb18100cecd972c28687f1320d16587e28c717e3ff67117aa46984b585298403

Request headers

:path: /ColisV5/images/header2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "2d35c-5f4fd40d-2851645e3962ed94;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 185180
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 2.jpg
www.claimpromo.colusmen.com/ColisV5/images/endorse/ 62 KB
62 KB 759ms
458ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/endorse/2.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: f1c1622eb7897eff161ac2f9ab7dc61ae19fda4f566244816b63fe642a937a74

Request headers

:path: /ColisV5/images/endorse/2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "f7e2-5f4fd40d-79a5f4ce080a66de;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 63458
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 1.jpg
www.claimpromo.colusmen.com/ColisV5/images/endorse/ 78 KB
78 KB 751ms
448ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/endorse/1.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 7ec485a61c99bacefb6aecceb50c525b5d5cb185e94dec58040b06a4c1028661

Request headers

:path: /ColisV5/images/endorse/1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "137a2-5f4fd40d-aed19a6f36e9f007;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79778
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 129217.jpg
www.claimpromo.colusmen.com/ColisV5/images/ 52 KB
52 KB 1458ms
1155ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/129217.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 6e439df825ccde5885228fedd6252e8be5076b99ed16de276934b08db3fead66

Request headers

:path: /ColisV5/images/129217.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "ce0c-5f4fd40d-670ad27b49810936;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 52748
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 129218.jpg
www.claimpromo.colusmen.com/ColisV5/images/ 74 KB
74 KB 1459ms
1156ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/129218.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 1b02ff6c780e10b1527405a851e33a1b83d6629e8c049004c16eb43b1679123b

Request headers

:path: /ColisV5/images/129218.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "128ce-5f4fd40d-f49aba632ee3be83;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 75982
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 40135.jpg
www.claimpromo.colusmen.com/ColisV5/images/testi/ 122 KB
123 KB 1461ms
1158ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/testi/40135.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 58bc8f50af9f007766f20d056e23f3026e5bd064b409d67f974df35771f2dee1

Request headers

:path: /ColisV5/images/testi/40135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1e9ff-5f4fd40d-1c76a6967eca76e7;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 125439
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 40139.jpg
www.claimpromo.colusmen.com/ColisV5/images/testi/ 132 KB
132 KB 1463ms
1160ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/testi/40139.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: ab758bcc55399e4c74d640d8ea94b4a230a290ef974b9d0a521fb8076097acd5

Request headers

:path: /ColisV5/images/testi/40139.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "20e27-5f4fd40d-e11319772b0718c5;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 134695
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 40138.jpg
www.claimpromo.colusmen.com/ColisV5/images/testi/ 115 KB
115 KB 1465ms
1162ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/testi/40138.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: dc209f18e6ad46831abd7bed625728230870efcedbe64f09e1906aafc70cce55

Request headers

:path: /ColisV5/images/testi/40138.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1cd59-5f4fd40d-2fe9d34ec0e4b49;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 118105
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 40136.jpg
www.claimpromo.colusmen.com/ColisV5/images/testi/ 124 KB
124 KB 1467ms
1164ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/testi/40136.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 370d5f511ab8864aeaa16a83299ebb0b9f80e8070fe55b671a08ae15065798d5

Request headers

:path: /ColisV5/images/testi/40136.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1ee1d-5f4fd40d-a4275ab7ab2bb6fb;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 126493
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 bpom.png
www.claimpromo.colusmen.com/ 89 KB
89 KB 1469ms
1166ms Image
image/png 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/bpom.png
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 35572c949f734defa89beb69fcf172bb03eb97f96efd7e31fcc00cf0d9760db0

Request headers

:path: /bpom.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1639c-5f4fd40d-4b47a229ae3ae1f4;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 91036
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 tes2.png
www.claimpromo.colusmen.com/ColisV5/images/ 358 KB
359 KB 1471ms
1168ms Image
image/png 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/tes2.png
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: cd65323019e64ecddf1ccf12c8c71b1023d40f0308d655a07bc4f1fec630ea65

Request headers

:path: /ColisV5/images/tes2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "5997d-5f4fd40d-c48b74715bca9a06;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 366973
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 tes.png
www.claimpromo.colusmen.com/ColisV5/images/ 208 KB
209 KB 1471ms
1168ms Image
image/png 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/tes.png
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2380e2bb0b6442a8989877a3dabc2166a699d697311476ae61e4e3b7340eab4c

Request headers

:path: /ColisV5/images/tes.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "34170-5f4fd40d-7080522bb724999;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 213360
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 colusfacial.png
www.claimpromo.colusmen.com/ColisV5/images/ 308 KB
308 KB 1596ms
1294ms Image
image/png 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/colusfacial.png
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 6ddd1e66331614fde0c315a4087d587a9e664e19f469a6c1467d7832a53f29fe

Request headers

:path: /ColisV5/images/colusfacial.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "4cf98-5f4fd40d-45c457dd69135704;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 315288
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 colusdaycream.jpg
www.claimpromo.colusmen.com/ColisV5/images/ 83 KB
83 KB 1596ms
1294ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/colusdaycream.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: e702ec4bea914531e5ddd784a716883c6aa581ca4568363372a0e34068c6ff6c

Request headers

:path: /ColisV5/images/colusdaycream.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "14c43-5f4fd40d-564e4a75c03f1a;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 85059
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 colusnightcream.jpg
www.claimpromo.colusmen.com/ColisV5/images/ 94 KB
94 KB 1597ms
1295ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/colusnightcream.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2d3741d1f0d14518d44e52528dfcff7617ffc64f478081eff0ff1be41e701914

Request headers

:path: /ColisV5/images/colusnightcream.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "1792b-5f4fd40d-cb1c476ff54b98d9;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 96555
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 model1.jpg
www.claimpromo.colusmen.com/ 134 KB
135 KB 1599ms
1297ms Image
image/jpeg 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/model1.jpg
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 5a562eb45ce9c9ca305bcb6f83104796e67a8eb27de7533be2761789926d01c6

Request headers

:path: /model1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "219eb-5f4fd40d-68cc525f5bd2f780;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137707
expires: Mon, 06 Sep 2021 13:52:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKTK8DW

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c99918f4dc25f95ec7dcd5c08eeb5fa33f57baca048f92df99b70035085a2fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36546
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 13:52:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25996
x-xss-protection: 0
pragma: public
x-fb-debug: G/3crTuO50ocP/7CQzOiA57osFZQHfehwDnrvo3yySaShejCEbMRCmaDFJm1jmkFgVZGFfVrU/Gtt5Ah3uFJKA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 30 Aug 2021 13:52:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 whatsapp.png
www.claimpromo.colusmen.com/ColisV5/images/ 17 KB
17 KB 745ms
444ms Image
image/png 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimpromo.colusmen.com/ColisV5/images/whatsapp.png
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/ColisV5/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 52f632737acf54c1c8c52423e9b20c06deae80c72552063e5b47457162340de8

Request headers

:path: /ColisV5/images/whatsapp.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/ColisV5/css/custom.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimpromo.colusmen.com/ColisV5/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "4470-5f4fd40d-5ae7d16e07c2c423;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17520
expires: Mon, 06 Sep 2021 13:52:44 GMT

GET
H2 200 1f60a.png
twemoji.maxcdn.com/2/72x72/ 796 B
1 KB 72ms
23ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/2/72x72/1f60a.png
Requested by: Host: emoji-css.afeld.me
URL: https://emoji-css.afeld.me/emoji.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5dc76062acc5a80d95fdd823db908640d52dac05ad1a4899ab9e723bfa0bbbfb

Request headers

Referer: https://emoji-css.afeld.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: f1800a6a6f4a70c796d861bc17a585254ff967c5
date: Mon, 30 Aug 2021 13:52:44 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 796
last-modified: Tue, 01 Jun 2021 07:52:51 GMT
server: NetDNA-cache/2.2
x-github-request-id: 4880:1B67:436AF3:4BACDB:61254425
etag: "60b5e753-31c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Wed, 29 Sep 2021 13:52:44 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.claimpromo.colusmen.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 01:34:40 GMT
x-content-type-options: nosniff
age: 303484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 01:34:40 GMT

GET
H2 206 6842.Mp4
www.claimpromo.colusmen.com/ 128 KB
0 1488ms
1187ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/6842.Mp4
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /6842.Mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "b49e1f-5f4fd40d-ac103aa426515f20;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 0-11836958/11836959
Content-Length: 11836959

GET
H2 206 Galeri%20Iklan.mp4
www.claimpromo.colusmen.com/ 128 KB
0 1488ms
1187ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/Galeri%20Iklan.mp4
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /Galeri%20Iklan.mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:10 GMT
server: LiteSpeed
etag: "341b1d-5f4fd40e-aa4dd7ac5ac47f79;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 0-3414812/3414813
Content-Length: 3414813

GET
H2 206 syarif%20cki.MP4
www.claimpromo.colusmen.com/ 128 KB
0 1488ms
1187ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/syarif%20cki.MP4
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /syarif%20cki.MP4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 30 Aug 2021 13:52:45 GMT
last-modified: Wed, 02 Sep 2020 17:19:10 GMT
server: LiteSpeed
etag: "2a1daa-5f4fd40e-dd218fc73a90bcf6;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 0-2760105/2760106
Content-Length: 2760106

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 1553933531457023 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 180ms
180ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1553933531457023?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

600f6e4357944402272dc6f55c92c32aefd3c155c4eea2db039c87fe58224029

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: bmdyzZTPtmTxrXItMtMWCVbcQaEYgz2uJQuZmrOhXmHscReVpZmAIJx3WVbJUzse65L4IjPa2U3DLKPWcKmf9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 Aug 2021 13:52:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 124ms
51ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKTK8DW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 13:52:44 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/937216292/ 2 KB
1 KB 51ms
49ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/937216292/?random=1630331564912&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ba6be8d45f4b4955b01bb371bb580c608e45273cdf5f557c7685f7baf38e648c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/937216292/ 0
0 17ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/937216292/?random=1630331564912&cv=9&fst=1630331564912&num=1&fmt=3&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937216292/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937216292/?random=1630331564920&cv=9&fst=1630331564920&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fe4897a13303ae1b872cef811292448f60133f448e6155f4894ff9ef184a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/937216292/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937216292/?random=1630331564920&cv=9&fst=1630328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&async=1&fmt=3&is_vtc=1&random=1443537985&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/937216292/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/937216292/?random=1630331564920&cv=9&fst=1630328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&async=1&fmt=3&is_vtc=1&random=1443537985&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
149 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1553933531457023&ev=PageView&dl=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&rl=&if=false&ts=1630331564977&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630331564974.929144651&it=1630331564768&coo=false&rqm=GET

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 30 Aug 2021 13:52:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1553933531457023&ev=ViewContent&dl=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&rl=&if=false&ts=1630331564980&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630331564974.929144651&it=1630331564768&coo=false&rqm=GET

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 30 Aug 2021 13:52:44 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/937216292/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=Goog...
https://www.google.com/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.de/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...

42 B
64 B

33ms
30ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rOIsYbPOOcblgQfQ0ZboAw&cid=CAQSKQCNIrLM9x4ty1p4LXy_u4OF3ya-COpBXtAiCnlNVfV6sh0_sAq1yBEL&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcm3-tVXjKXLNsj10RVW9Zjxzj20KKGM2E&random=3194090851&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:52:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/937216292/?random=1701440898&cv=9&fst=1630331564912&num=1&value=350000&currency_code=idr&label=kdUpCOyBpHMQpJLzvgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&tiba=Colus%20Men%20Facial%20Treatment%20-%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia&auid=1087646679.1630331565&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rOIsYbPOOcblgQfQ0ZboAw&cid=CAQSKQCNIrLM9x4ty1p4LXy_u4OF3ya-COpBXtAiCnlNVfV6sh0_sAq1yBEL&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcm3-tVXjKXLNsj10RVW9Zjxzj20KKGM2E&random=3194090851&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
151 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1553933531457023&ev=Microdata&dl=https%3A%2F%2Fwww.claimpromo.colusmen.com%2F&rl=&if=false&ts=1630331566489&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Colus%20Men%20Facial%20Treatment%20-%20%20Cream%20Wajah%20Untuk%20Pria%20Pertama%20Di%20Indonesia%22%2C%22meta%3Adescription%22%3A%22Kolagen%20untuk%20pria%20!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630331566481.193425060&it=1630331564768&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.claimpromo.colusmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:52:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 30 Aug 2021 13:52:46 GMT

GET
H2 206 6842.Mp4
www.claimpromo.colusmen.com/ 208 KB
0 268ms
261ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/6842.Mp4
Requested by: Host: www.claimpromo.colusmen.com
URL: https://www.claimpromo.colusmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /6842.Mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=131072-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=131072-

Response headers

date: Mon, 30 Aug 2021 13:52:46 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "b49e1f-5f4fd40d-ac103aa426515f20;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 131072-11836958/11836959
Content-Length: 11705887

GET
H2 206 6842.Mp4
www.claimpromo.colusmen.com/ 128 KB
0 314ms
314ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/6842.Mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /6842.Mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=327680-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=327680-

Response headers

date: Mon, 30 Aug 2021 13:52:47 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "b49e1f-5f4fd40d-ac103aa426515f20;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 327680-11836958/11836959
Content-Length: 11509279

GET
H2 206 6842.Mp4
www.claimpromo.colusmen.com/ 224 KB
0 237ms
237ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/6842.Mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /6842.Mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=458752-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=458752-

Response headers

date: Mon, 30 Aug 2021 13:52:47 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "b49e1f-5f4fd40d-ac103aa426515f20;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 458752-11836958/11836959
Content-Length: 11378207

GET
H2 206 6842.Mp4
www.claimpromo.colusmen.com/ 64 KB
0 272ms
272ms Media
video/mp4 173.236.9.28
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimpromo.colusmen.com/6842.Mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.236.9.28 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: en08-phx.stablehost.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /6842.Mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: www.claimpromo.colusmen.com
referer: https://www.claimpromo.colusmen.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=655360-
:method: GET
Referer: https://www.claimpromo.colusmen.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=655360-

Response headers

date: Mon, 30 Aug 2021 13:52:47 GMT
last-modified: Wed, 02 Sep 2020 17:19:09 GMT
server: LiteSpeed
etag: "b49e1f-5f4fd40d-ac103aa426515f20;;;"
vary: User-Agent
content-type: video/mp4
Content-Range: bytes 655360-11836958/11836959
Content-Length: 11181599

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afeld.github.io
ajax.googleapis.com
connect.facebook.net
emoji-css.afeld.me
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
twemoji.maxcdn.com
www.claimpromo.colusmen.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.66
173.236.9.28
185.199.108.153
185.199.109.153
23.111.9.57
2a00:1450:4001:801::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
16fe4897a13303ae1b872cef811292448f60133f448e6155f4894ff9ef184a0b
1b02ff6c780e10b1527405a851e33a1b83d6629e8c049004c16eb43b1679123b
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2380e2bb0b6442a8989877a3dabc2166a699d697311476ae61e4e3b7340eab4c
2d3741d1f0d14518d44e52528dfcff7617ffc64f478081eff0ff1be41e701914
35572c949f734defa89beb69fcf172bb03eb97f96efd7e31fcc00cf0d9760db0
36d129255cf069d36a50079521e3fb0a2a37b4cd343e6b94bbf0b9a5006aff5d
370d5f511ab8864aeaa16a83299ebb0b9f80e8070fe55b671a08ae15065798d5
52f632737acf54c1c8c52423e9b20c06deae80c72552063e5b47457162340de8
58bc8f50af9f007766f20d056e23f3026e5bd064b409d67f974df35771f2dee1
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a562eb45ce9c9ca305bcb6f83104796e67a8eb27de7533be2761789926d01c6
5dc76062acc5a80d95fdd823db908640d52dac05ad1a4899ab9e723bfa0bbbfb
600f6e4357944402272dc6f55c92c32aefd3c155c4eea2db039c87fe58224029
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6b566d7c18edc87c4d83740f5cd6db51eb00f089fdd277bb1f7bd3fa279a3fcb
6b85f667ca7a1be5ca7fd71c0586158f5f20a87a0a595d0939345d0b3b018638
6ddd1e66331614fde0c315a4087d587a9e664e19f469a6c1467d7832a53f29fe
6e439df825ccde5885228fedd6252e8be5076b99ed16de276934b08db3fead66
7103a09f04a9c4bb9e428f947f7de3d95093788a0c439125820840371eac3be8
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7ec485a61c99bacefb6aecceb50c525b5d5cb185e94dec58040b06a4c1028661
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
ab758bcc55399e4c74d640d8ea94b4a230a290ef974b9d0a521fb8076097acd5
ba6be8d45f4b4955b01bb371bb580c608e45273cdf5f557c7685f7baf38e648c
c790a6188551550a1397e109c897001131058aeeb303f21bcf4692fbee3055c2
c99918f4dc25f95ec7dcd5c08eeb5fa33f57baca048f92df99b70035085a2fbe
cb18100cecd972c28687f1320d16587e28c717e3ff67117aa46984b585298403
cd65323019e64ecddf1ccf12c8c71b1023d40f0308d655a07bc4f1fec630ea65
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc209f18e6ad46831abd7bed625728230870efcedbe64f09e1906aafc70cce55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e702ec4bea914531e5ddd784a716883c6aa581ca4568363372a0e34068c6ff6c
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c1622eb7897eff161ac2f9ab7dc61ae19fda4f566244816b63fe642a937a74
f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

www.claimpromo.colusmen.com Open in urlscan Pro 173.236.9.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

71 %IPv6

13 Domains

14 Subdomains

16 IPs

2 Countries

2522 kBTransfer

4352 kBSize

0 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.claimpromo.colusmen.com Open in urlscan Pro
173.236.9.28 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

14
Subdomains

16
IPs

2
Countries

2522 kB
Transfer

4352 kB
Size

0
Cookies

46 HTTP transactions
7 data transactions