urlscan.io logo urlscan.io
SecurityTrails logo

promo.com Open in urlscan Pro
104.18.29.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.promo.com//for//real/-estate/-videos/%C2%AC
Effective URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 104.18.29.133, located in and belongs to CLOUDFLARENET, US. The main domain is promo.com.
TLS certificate: Issued by E5 on September 1st 2024. Valid for: 3 months.
This is the only time promo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.149.202 13335 (CLOUDFLAR...)
1 5 104.18.29.133 13335 (CLOUDFLAR...)
15 172.64.148.114 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.35.58.119 16509 (AMAZON-02)
1 2600:1901:0:4... 15169 (GOOGLE)
4 157.240.252.13 32934 (FACEBOOK)
1 199.232.188.157 54113 (FASTLY)
1 151.101.65.44 54113 (FASTLY)
2 2a04:4e42::84 54113 (FASTLY)
1 13.224.189.39 16509 (AMAZON-02)
10 2a02:6ea0:c70... 60068 (CDN77 _)
3 2600:1f14:5db... 16509 (AMAZON-02)
1 151.101.193.44 54113 (FASTLY)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 13.224.189.49 16509 (AMAZON-02)
2 18.244.18.24 16509 (AMAZON-02)
1 54.81.238.62 14618 (AMAZON-AES)
2 34.197.151.153 14618 (AMAZON-AES)
4 141.226.228.48 200478 (TABOOLA-AS)
58 20
1    172.64.149.202 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
www.promo.com
5    104.18.29.133 (None, )

ASN13335 (CLOUDFLARENET, US)
promo.com
15    172.64.148.114 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
ak02-promo-cdn.slidely.com
ak03-cdn.slidely.com
ak03-promo-cdn.slidely.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.35.58.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-119.fra60.r.cloudfront.net
lift-ai-js.marketlinc.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
4    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
2    2a04:4e42::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    13.224.189.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-39.fra2.r.cloudfront.net
js.iterable.com
10    2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
cdn.userway.org
3    2600:1f14:5db:eb11:da15:eb93:ee4c:a991 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net
widget.intercom.io
2    18.244.18.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-24.fra56.r.cloudfront.net
js.intercomcdn.com
1    54.81.238.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-238-62.compute-1.amazonaws.com
api-iam.intercom.io
2    34.197.151.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-151-153.compute-1.amazonaws.com
visitor-scoring-new.marketlinc.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
15 slidely.com
ak02-promo-cdn.slidely.com
ak03-cdn.slidely.com
ak03-promo-cdn.slidely.com
619 KB
13 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3232
api.userway.org — Cisco Umbrella Rank: 3140
259 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 894
psb.taboola.com — Cisco Umbrella Rank: 6108
trc-events.taboola.com — Cisco Umbrella Rank: 2788
23 KB
6 promo.com
www.promo.com
promo.com
5 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
158 KB
4 marketlinc.com
lift-ai-js.marketlinc.com — Cisco Umbrella Rank: 52700
visitor-scoring-new.marketlinc.com — Cisco Umbrella Rank: 55491
11 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2984
284 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2157
api-iam.intercom.io — Cisco Umbrella Rank: 2617
6 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1018
25 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
1 iterable.com
js.iterable.com — Cisco Umbrella Rank: 94073
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 875
15 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3500
19 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
99 KB
58 14
Domain Requested by
11 ak02-promo-cdn.slidely.com promo.com
ak02-promo-cdn.slidely.com
10 cdn.userway.org ak03-promo-cdn.slidely.com
cdn.userway.org
5 promo.com 1 redirects ak02-promo-cdn.slidely.com
4 trc-events.taboola.com cdn.taboola.com
4 connect.facebook.net ak03-promo-cdn.slidely.com
connect.facebook.net
3 api.userway.org cdn.userway.org
2 visitor-scoring-new.marketlinc.com lift-ai-js.marketlinc.com
2 js.intercomcdn.com widget.intercom.io
2 s.pinimg.com ak03-promo-cdn.slidely.com
s.pinimg.com
2 lift-ai-js.marketlinc.com ak03-promo-cdn.slidely.com
lift-ai-js.marketlinc.com
2 ak03-promo-cdn.slidely.com ak02-promo-cdn.slidely.com
2 ak03-cdn.slidely.com ak02-promo-cdn.slidely.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io ak03-promo-cdn.slidely.com
1 www.facebook.com connect.facebook.net
1 psb.taboola.com cdn.taboola.com
1 js.iterable.com ak03-promo-cdn.slidely.com
1 cdn.taboola.com ak03-promo-cdn.slidely.com
1 static.ads-twitter.com ak03-promo-cdn.slidely.com
1 cdn.mxpnl.com ak03-promo-cdn.slidely.com
1 www.googletagmanager.com ak03-promo-cdn.slidely.com
1 www.promo.com 1 redirects
58 22

This site contains no links.

Subject Issuer Validity Valid
promo.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
ak02-promo-cdn.slidely.com
WE1		 2024-08-21 -
2024-11-19		 3 months crt.sh
ak03-cdn.slidely.com
WE1		 2024-08-19 -
2024-11-17		 3 months crt.sh
ak03-promo-cdn.slidely.com
WE1		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.marketlinc.com
Amazon RSA 2048 M03		 2024-01-05 -
2025-02-02		 a year crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2024-07-15 -
2025-07-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-26 -
2024-09-24		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-07		 a year crt.sh
iterable.com
Amazon RSA 2048 M03		 2024-03-23 -
2025-04-20		 a year crt.sh
1667503734.rsc.cdn77.org
E5		 2024-07-16 -
2024-10-14		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-31		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://promo.com/for/real/-estate/-videos/%C2%AC
Frame ID: 8194C2F429D8F99FADD9C9F0A827B285
Requests: 52 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e1c621b6.js
Frame ID: F8FE24C5A260348B24EE5DC7CACA7A89
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ERROR 404 | Promo.com | Visual Content Creation Platform

Page URL History Show full URLs

  1. http://www.promo.com//for//real/-estate/-videos/%C2%AC HTTP 307
    https://www.promo.com//for//real/-estate/-videos/%C2%AC HTTP 301
    https://promo.com//for//real/-estate/-videos/%C2%AC HTTP 308
    https://promo.com/for/real/-estate/-videos/%C2%AC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

58
Requests

98 %
HTTPS

30 %
IPv6

14
Domains

22
Subdomains

20
IPs

4
Countries

1525 kB
Transfer

6096 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.promo.com//for//real/-estate/-videos/%C2%AC HTTP 307
    https://www.promo.com//for//real/-estate/-videos/%C2%AC HTTP 301
    https://promo.com//for//real/-estate/-videos/%C2%AC HTTP 308
    https://promo.com/for/real/-estate/-videos/%C2%AC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %C2%AC
promo.com/for/real/-estate/-videos/
Redirect Chain
  • http://www.promo.com//for//real/-estate/-videos/%C2%AC
  • https://www.promo.com//for//real/-estate/-videos/%C2%AC
  • https://promo.com//for//real/-estate/-videos/%C2%AC
  • https://promo.com/for/real/-estate/-videos/%C2%AC
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d150d6538f0bd92bb8085a57c3afef20752314846f8efdd1949867c86aa454

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c44a5505c6c380d-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 23:30:41 GMT
etag
"zivx3t93c3uj"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c44a54dcacd380d-FRA
date
Mon, 16 Sep 2024 23:30:41 GMT
location
/for/real/-estate/-videos/%C2%AC
refresh
0;url=/for/real/-estate/-videos/%C2%AC
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block
e2c2d60a9440a724.css
ak02-promo-cdn.slidely.com/next/_next/static/css/ 		165 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a41afc46f00ec0bf713a08761131cc5f76d23fb234839d674b2f219127041ab
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1795475
cf-polished
origSize=169165
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 02 Jul 2024 09:29:35 GMT
server
cloudflare
etag
W/"294cd-19072c73323"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532ac765ad-FRA
expires
Tue, 16 Sep 2025 23:30:41 GMT
webpack-ca00b7b2c91dfb56.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/webpack-ca00b7b2c91dfb56.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eba3f818f8db829259816e9ecd47d3e050f44091cfeed806f36b47e8804c7c
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jul 2024 09:29:39 GMT
server
cloudflare
age
1877245
etag
W/"f1d-19072c74124"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532ac865ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
framework-2ea8c17f7ea07c81.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/framework-2ea8c17f7ea07c81.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0c14a6c8467399237154429caac8d441dc477480c63e146a6b35d565dbf3ad
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 10 Apr 2024 10:45:50 GMT
server
cloudflare
age
6487137
etag
W/"1fbbc-18ec79d2b32"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532aca65ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
main-6c4874ab5076bb95.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/main-6c4874ab5076bb95.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cb0fb86ee18accbd96345ec80e87b81c498b122a859f15de01d79035bb0dbf
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1795475
cf-polished
origSize=109314
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Jul 2024 09:12:47 GMT
server
cloudflare
etag
W/"1ab02-19077de2bd3"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532acb65ad-FRA
expires
Tue, 16 Sep 2025 23:30:41 GMT
_app-144f0a682074f54f.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/ 		257 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/_app-144f0a682074f54f.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445824de9dcd16539938dbe00fb348cd63fdb55d1ea356a200c1708cb5a3a697
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1246702
cf-polished
origSize=262898
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 02 Sep 2024 13:00:03 GMT
server
cloudflare
etag
W/"402f2-191b2d22bd3"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532acc65ad-FRA
expires
Tue, 16 Sep 2025 23:30:41 GMT
8550-7a481bb88e3036c7.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/8550-7a481bb88e3036c7.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4173e23f518fc25e7c2569cec6c0e90f126443dba9a04ca92a7ccea732b6fa
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 06 Jun 2024 10:20:15 GMT
server
cloudflare
age
8859844
etag
W/"45da-18fed103cc3"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5532ace65ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
404-c34b24b6f3731f21.js
ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/404-c34b24b6f3731f21.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d748c25596b11a9387a7c65a6227b77471bf7f1255487eb0e0db8b0a842cd6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 10:26:24 GMT
server
cloudflare
age
216221
etag
W/"16f1-191799f8bf8"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5537af265ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
_buildManifest.js
ak02-promo-cdn.slidely.com/next/_next/static/e346364c2dfa9a7e608e075005aaea13209e4b61/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/e346364c2dfa9a7e608e075005aaea13209e4b61/_buildManifest.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fbec159585e6f71c896d76e39baeacd0878707a8a487afafe45fdeb7ea7373
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 12 Sep 2024 10:05:04 GMT
server
cloudflare
age
393403
etag
W/"f92-191e5b18d30"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5537af365ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
_ssgManifest.js
ak02-promo-cdn.slidely.com/next/_next/static/e346364c2dfa9a7e608e075005aaea13209e4b61/ 		77 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/_next/static/e346364c2dfa9a7e608e075005aaea13209e4b61/_ssgManifest.js
Requested by
Host: promo.com
URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 12 Sep 2024 10:05:07 GMT
server
cloudflare
age
393582
etag
W/"4d-191e5b19bf3"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8c44a5537af465ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:41 GMT
error-page-background.jpg
ak03-cdn.slidely.com/static/promo-composite-components/assets/img/icons/error-page/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak03-cdn.slidely.com/static/promo-composite-components/assets/img/icons/error-page/error-page-background.jpg?ver=1.3
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a912e2c86fc108ec9db865d2408cfad215421995edab4d1869a7de4cd9b8b13b

Request headers

Referer
https://ak02-promo-cdn.slidely.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
cf-cache-status
REVALIDATED
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
160600
last-modified
Wed, 10 Apr 2024 19:26:50 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"a51bfec84744537dda9a30cefbf58179"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8c44a5541851d38e-FRA
expires
Tue, 16 Sep 2025 23:30:42 GMT
promo-logo.svg
ak03-cdn.slidely.com/static/promo-composite-components/assets/img/icons/error-page/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ak03-cdn.slidely.com/static/promo-composite-components/assets/img/icons/error-page/promo-logo.svg?ver=1.3
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ffa85a1841c4e11f0dd6a0a2c3f94739dc117fe7b6dd0dbad8a2040700e5566

Request headers

Referer
https://ak02-promo-cdn.slidely.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 10 Apr 2024 19:26:50 GMT
server
cloudflare
etag
W/"5cd7557bb92360b817384b0f826b6025"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8c44a554184ed38e-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Sep 2025 23:30:42 GMT
Black-Foundry-Wes-FY-Bold.ttf
ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/ 		81 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Bold.ttf
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
16176785
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 15:56:09 GMT
server
cloudflare
etag
W/"145e8-18bf7bef5a8"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=29994728
cf-ray
8c44a553fc585d6b-FRA
expires
Sat, 30 Aug 2025 03:22:49 GMT
Black-Foundry-Wes-FY-Medium.ttf
ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/ 		0
0
get-promo-next-page-config
promo.com/promoVideos/config/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/promoVideos/config/get-promo-next-page-config
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/_app-144f0a682074f54f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af4a093f10b50543a21652544233a1bc7b2c10fc103327fc7ede892961ea7bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://promo.com/for/real/-estate/-videos/%C2%AC
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-trace-id
pragma
no-cache
date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
sameorigin
content-type
application/json
p3p
CP="CAO PSA OUR"
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c44a55449fd35fe-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
Black-Foundry-Wes-FY-Medium.ttf
ak03-promo-cdn.slidely.com/static/promo-videos/fonts/wes-fy/ 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ak03-promo-cdn.slidely.com/static/promo-videos/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/css/e2c2d60a9440a724.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457

Request headers

Referer
https://ak02-promo-cdn.slidely.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
cf-cache-status
HIT
age
712
alt-svc
h3=":443"; ma=86400
content-length
89028
last-modified
Wed, 10 Apr 2024 19:27:16 GMT
server
cloudflare
etag
"e537340bc3d8aa58c3f6dcf5423b6d95"
vary
Accept-Encoding
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8c44a5557a00d2de-FRA
expires
Tue, 16 Sep 2025 23:30:42 GMT
sdk.bundle.js
ak02-promo-cdn.slidely.com/1726495388/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak02-promo-cdn.slidely.com/1726495388/dist/sdk.bundle.js
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/_app-144f0a682074f54f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49da562b3db6e12f415e89d90e83b3133e25c1a5516a44361d83feae21dd457
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 Sep 2024 12:13:14 GMT
server
cloudflare
age
33939
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
cf-ray
8c44a5556c0365ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Sep 2025 05:30:42 GMT
promoAnalytics.bundle.js
ak03-promo-cdn.slidely.com/1726495388/dist/pa/ 		544 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/next/_next/static/chunks/pages/_app-144f0a682074f54f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6563b6fadcf3be4d1ab9191985e661b81c148b9f115fdfb95f82df4d1db49a
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
cf-cache-status
HIT
age
33924
cf-polished
origSize=557293
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Sep 2024 12:13:30 GMT
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
cf-ray
8c44a555ae829f2f-FRA
expires
Wed, 17 Sep 2025 05:30:42 GMT
js
www.googletagmanager.com/gtag/ 		299 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-115YEV4FHZ
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b90fa49612a49bc666a8675b304805566cda98cb902443056ecdca631fac166d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100537
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 23:30:42 GMT
deployment.js
lift-ai-js.marketlinc.com/promo.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lift-ai-js.marketlinc.com/promo.com/deployment.js?383701187
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-119.fra60.r.cloudfront.net
Software
Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash
f15d1c4495c186c09e76dbf26453039b8a2a133ad591d7ca066cf773eea34d94

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
gzip
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server
Apache/2.4.62 () OpenSSL/1.0.2k-fips
x-amz-cf-pop
FRA60-P10
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache="set-cookie"
content-length
1188
x-amz-cf-id
RjL_HVx6hutZBnz3ELFZVHMicP8OiQwPfhP2WpYJA86zeqy0MLtKUw==
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:23:29 GMT
content-encoding
gzip
age
433
x-guploader-uploadid
AD-8ljtLpViTFFobAEYwo5U_KgzDx9DGIm6tTAVjmLJEUv8l0IJpv_2yknK_Qm1rc7jHBPaZAWg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19057
last-modified
Tue, 27 Aug 2024 18:10:17 GMT
server
UploadServer
etag
"032ee7cfb9a87a2c861ff18815754842"
vary
Accept-Encoding
x-goog-generation
1724782217794014
x-goog-hash
crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
19057
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 16 Sep 2024 23:33:29 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a1ec7275142b4808268985b4e010a3807a245bdbcfae96b5529fdff10e0f9865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 23:30:42 GMT
content-md5
Zp8IIETvg+qomu5ZJavMww==
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=32702, tp=33, tpl=0, uplat=2, ullat=-1
x-fb-debug
LJX7ATvUidaYujSVONKKVfUgcaeJXIIBYCyBytTS8O1nAkd4evgh+mBdU94ln2Y88Wk/XctFvsI55VVJ4B5mLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
bde1d5a9d0fde7d1a221a433fec0f3d7
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9e95954af3038ca8c272987c8cb71fcf"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 16 Sep 2024 23:34:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Sep 2024 23:30:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4462, tp=10, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
jdTU28CsviTnf2YRFUsmOaQSumqXfYHDaBZjtvFajH9hqZJ+ul8U05mRjrpdsdGi3AB7RNb8/Pgd+/j3lXeBqg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
session
promo.com/data/user/ 		136 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo.com/data/user/session
Requested by
Host: ak02-promo-cdn.slidely.com
URL: https://ak02-promo-cdn.slidely.com/1726495388/dist/sdk.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d5197fecf0a39a77142a7adf2a1d1eca1162095fb61b9b0492bcb3d4a79138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.com/for/real/-estate/-videos/%C2%AC
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-trace-id
pragma
no-cache
date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
sameorigin
content-type
application/json
p3p
CP="CAO PSA OUR"
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c44a5566b7c35fe-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-muc13958-MUC
tfa.js
cdn.taboola.com/libtrc/unip/1169464/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1169464/tfa.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c6b2a716f796f9b68f10ccce4afac642bb1c4f27b2b50ef16970e9e9248d8f1

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
49DK_gcM1cmflETcFmuHaZedbhPRor__
content-encoding
gzip
via
1.1 varnish
date
Mon, 16 Sep 2024 23:30:42 GMT
x-amz-request-id
26HJMESNJ963PZVR
age
22
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21873
x-amz-id-2
Knk19EhGQbsej2HVRz2Cfruge13pJ9KH/s1p/XKqj/kVf/pYJyUbspQrfvezJx75L5Xpai+OlPo=
x-served-by
cache-mad22056-MAD
last-modified
Sun, 08 Sep 2024 11:11:13 GMT
server
AmazonS3
x-timer
S1726529442.406914,VS0,VE1
etag
"cf11379131f9aa3d823fa103479cf485"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
x-cdn
fastly
etag
"b37f6fea55e9029c9c9d413c47f69cb7"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1878
analytics.js
js.iterable.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.iterable.com/analytics.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b07ff9cb3ee66f1f0e4c708320ea5d9d6487d1b15e022416d914e214df163aa

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 14:01:45 GMT
Via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Last-Modified
Fri, 18 Dec 2015 02:22:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
34138
ETag
"92ec746618875057f06112a34d2770a9"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2281
X-Amz-Cf-Id
g1MSixPpJHNn6iH7YqZVNtrSDWo9EKmsK-X2xpNFC8q7433qYN65oA==
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
03dce1db4de3e8ca9359a6a90fab5f2aeb40a06b2137286bf59139a2e73ba98d

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:42 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
363
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875190
x-77-cache
HIT
x-cache
HIT
x-age
2109
x-accel-date
1726527333
x-77-nzt
EgwB1GY4sQH3PQgAAAwBJRPCMQG3AwAAAA
x-accel-expires
@1726530933
x-77-age
2109
last-modified
Mon, 09 Sep 2024 09:44:52 GMT
server
CDN77-Turbo
etag
W/"aa6d498b8b1946bfdbe8287c13607a58"
x-77-nzt-ray
1cb09c0ee38995a6a2bfe8666e762e14
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
eI9TOgoy567xajyX1fJT0SIlcy5vReE_5ri3qF7iQB8xWfpFxcitfQ==
widget_app_base_1725874918757.js
cdn.userway.org/widgetapp/2024-09-09-09-41-58/ 		156 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce76c8cab5e2836062b24e92e0cd2c45e8ab2386ba65d9648bfe3837bf22e141

Request headers

Referer
https://promo.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:42 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
362
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875191
x-77-cache
HIT
x-cache
HIT
x-age
653886
x-accel-date
1725875556
x-77-nzt
EgwB1GY4sQH3PvoJAAwBnJIhJwG3BAAAAA
x-accel-expires
@1751795552
x-77-age
653886
last-modified
Mon, 09 Sep 2024 09:44:39 GMT
server
CDN77-Turbo
etag
W/"b592aa0211d152fd2bd11548e2007911"
x-77-nzt-ray
1cb09c0e8c7962a7a2bfe86652c45e16
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
Visr9e1huEVVCUgX0nF-Mqf5xu0uq7BHgfJWBRbCBInY4SpDphV6UQ==
sdk.js
connect.facebook.net/en_US/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8ef4fcb6ff7d51641bdf09221ffdfde7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
f106b0c7f62fd796c1f1409c00a5e84f89fc85f2ee4847b4c97962ef6de4f96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://promo.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 23:30:42 GMT
content-md5
ykcsxwgGecnOpdxXYs3ftg==
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87760
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
CwjDOxRRnG4PMd31xnAkNbr+wxCMBWgew9T5f4LhPyMXAPXCdaeyuSOAwDzOH33NGPnQMm28havponeMJvWasA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9a3ac8cffc61ef5719b960064de1d519
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8f7ce0293f354bb7214bd05e811eb9de"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Sep 2025 22:47:43 GMT
712371922135655
connect.facebook.net/signals/config/ 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/712371922135655?v=2.9.167&r=stable&domain=promo.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
75d1361b9a98e44fd627231837b1cb9ed5917a95030990a820f740efc3d03322
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Sep 2024 23:30:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=66, mss=1232, tbw=69318, tp=67, tpl=0, uplat=95, ullat=0
pragma
public
x-fb-debug
trhddFJx3rjT9wp/ifb1fuQVMPPffsBHZQHx7DkwT/b3UN+9LcUpSHalYUzKZUELnP8xaB5pm8393rtS36Zg/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
zFP2NX1OXE
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/zFP2NX1OXE
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:da15:eb93:ee4c:a991 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9ebc620f60e0dcac2bf210c561d101d9133b00f05a550eca84d52dbb37a28ba0

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
etag
W/"7c6-0+ohacGNCth7kpjBi0Cn0BHznQ4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr2e1e728c01b644e
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1990
x-service-version
uw-pr
topics_api
psb.taboola.com/ 		65 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1169464/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 16 Sep 2024 23:30:42 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1726529443.597177,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-mad22056-MAD
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=255083304564274&input_token&origin=1&redirect_uri=https%3A%2F%2Fpromo.com%2Ffor%2Freal%2F-estate%2F-videos%2F%25C2%25AC&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8ef4fcb6ff7d51641bdf09221ffdfde7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 16 Sep 2024 23:30:42 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415387490722911680", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2760, tp=-1, tpl=-1, uplat=28, ullat=0
pragma
no-cache
x-fb-debug
e0ipYmhZ3a0CIHfafj2z3FFHYtL9UGgjmX39P8FJL35DCPi+5KxG0vEl8IvflMIZS6bWASFo5IIMxG7K1iux5A==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415387490722911680"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://promo.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
snippet.js
lift-ai-js.marketlinc.com/promo.com/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Requested by
Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/deployment.js?383701187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-119.fra60.r.cloudfront.net
Software
Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash
524ac86e2d5e523133ef579992a085f3947d986b2c652bb220937aac0649b88a

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:41 GMT
content-encoding
gzip
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
server
Apache/2.4.62 () OpenSSL/1.0.2k-fips
x-amz-cf-pop
FRA60-P10
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache="set-cookie"
content-length
8836
x-amz-cf-id
8Kjo416v9uOvC3vk77fXd9aC8-xG9CQUVnGwF-036FNd6MOAAgfwVQ==
main.97c41ef3.js
s.pinimg.com/ct/lib/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
content-encoding
br
x-cdn
fastly
etag
"e1539e83e14f862d3b381b23e74d63fa"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
23701
van22wlo
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/van22wlo
Requested by
Host: ak03-promo-cdn.slidely.com
URL: https://ak03-promo-cdn.slidely.com/1726495388/dist/pa/promoAnalytics.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a21034c86df271b6995749fd19760af8bbd615356cd6ec78e94ea4a566d4f0

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
o6voM0voZD9t7KFa7rfhfQyFN3JmFnmj
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 23:25:14 GMT
x-amz-cf-pop
FRA2-C1
age
348
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2666
last-modified
Mon, 16 Sep 2024 15:19:30 GMT
server
AmazonS3
etag
"cbf4a61ee193ab7e021ed501eb474982"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
nH9v_xZLFBQPO3fKekkwfUEM8UAZcVeeBnlmvzxRB_sckcr77A2ltA==
favicon32x32.png
promo.com/favicons/ 		432 B
723 B 		Other
General
Check archive.org
Download Go to
Full URL
https://promo.com/favicons/favicon32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e805c4d209a70255513fe041ff7e8e9a99afdc665387350380beb75eacd12be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.com/for/real/-estate/-videos/%C2%AC
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1022
content-disposition
inline; filename="favicon32x32.webp"
alt-svc
h3=":443"; ma=86400
content-length
432
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Thu, 07 Dec 2023 12:06:19 GMT
server
cloudflare
etag
"6571b53b-3fe"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8c44a559ce0435fe-FRA
expires
Tue, 17 Sep 2024 03:30:42 GMT
frame-modern.e1c621b6.js
js.intercomcdn.com/ Frame F8FE 		461 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e1c621b6.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/van22wlo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35fbf7cdff6f786b21526e5f5ed414d1b89da296b41c4327bfc11860d77e9147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
_PiLRl2bXSEsnK9_kajjFuWFURnEUA7L
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 23:19:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P11
age
670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141968
last-modified
Mon, 16 Sep 2024 15:16:56 GMT
server
AmazonS3
etag
"e66cf0e9ed54b995d7b2d9f368bbf76b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
cRUxWtLtr2tHQ2qS2plycafvmGfKkZcaw2O-oJYi2jC_P6FcFTWrXA==
vendor-modern.8b97a971.js
js.intercomcdn.com/ Frame F8FE 		455 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.8b97a971.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/van22wlo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:09:03 GMT
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-version-id
s.aN4Zh9NZ0fDMayDVozZyZtS3QW4LDb
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P11
age
1300
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147289
last-modified
Mon, 16 Sep 2024 15:16:56 GMT
server
AmazonS3
etag
"2406ae0ce4db8aa51ed52dde4792a464"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
MsYO6gCyiqQygQZfpfqWANJZiV-yyS78ICkVLwPSMqXnC7YCBb6C8A==
ping
api-iam.intercom.io/messenger/web/ Frame F8FE 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e1c621b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.81.238.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f8883a90f7710554e47309aff61f8c8d107392c7524e0b4ec2e7fe1c6b1a251
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Sep 2024 23:30:43 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0a84313acadc7d6c7
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00095c5k36ovae8k3gi0
x-runtime
0.348496
server
nginx
etag
W/"4f8883a90f7710554e47309aff61f8c8"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo.com
x-intercom-version
b1251902d9dcb83be871ff830354797d4b5c615d
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
en-US.json
cdn.userway.org/widgetapp/2024-09-09-09-41-58/locales/ 		607 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
357
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875198
x-77-cache
HIT
x-cache
HIT
x-age
653883
x-accel-date
1725875560
x-77-nzt
EgwB1GY4sQH3O/oJAAwBJRPCNAG3BgAAAA
x-accel-expires
@1751795554
x-77-age
653883
last-modified
Mon, 09 Sep 2024 09:44:38 GMT
server
CDN77-Turbo
etag
W/"971644f50e2020e1ff22e37edcad46f6"
x-77-nzt-ray
1cb09c0e8c7962a7a3bfe866b9b36406
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
3sJVQpCNQcIxKi3mGhG9QzwHHGhOlzLVSz-V6o2b_82rhqVY6PTt5g==
visitor-scoring
visitor-scoring-new.marketlinc.com/ 		189 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://visitor-scoring-new.marketlinc.com/visitor-scoring
Requested by
Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/promo.com/snippet.js?viewId=66703694
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.151.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-151-153.compute-1.amazonaws.com
Software
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
e445fbf085d6f4204615de7d45416e1d0b6bc2fc85a02c307365d6c63812e055

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Sep 2024 23:30:43 GMT
content-encoding
gzip
cache-control
no-store, no-cache, must-revalidate
expires
-1
server
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
content-type
application/json
visitor-scoring
visitor-scoring-new.marketlinc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://visitor-scoring-new.marketlinc.com/visitor-scoring
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.151.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-151-153.compute-1.amazonaws.com
Software
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Mon, 16 Sep 2024 23:30:43 GMT
server
Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
remediation_1725874918757.js
cdn.userway.org/widgetapp/2024-09-09-09-41-58/remediation/ 		97 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/remediation/remediation_1725874918757.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1fad22c34c11020c6c170dd7d9ce5e71314daee75eac0beaa752ec70d20bb7ee

Request headers

Referer
https://promo.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
325
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875229
x-77-cache
HIT
x-cache
HIT
x-age
653885
x-accel-date
1725875558
x-77-nzt
EgwB1GY4sQH3PfoJAAwBJRPCNAG3BAAAAA
x-accel-expires
@1751795554
x-77-age
653885
last-modified
Mon, 09 Sep 2024 09:44:39 GMT
server
CDN77-Turbo
etag
W/"390ddca4999afee91f007f3bbbe63bc6"
x-77-nzt-ray
1cb09c0e8c7962a7a3bfe8669bb06824
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
iWE53AH8eqBpalG56inhBil-RD9DvWKabvPtSueaSPCEEdOnHE7cQw==
cyYPwT1C9XYWDRvt.json
cdn.userway.org/remediations/consolidated/3524903/ 		1022 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/3524903/cyYPwT1C9XYWDRvt.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dd592496da6fc6f4abc900da841d218795205e60199b0bf83d24aaffff4129ac

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
39
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875583
x-77-cache
HIT
x-cache
HIT
x-age
643796
x-accel-date
1725885647
x-77-nzt
EgwB1GY4sQH31NIJAAwBnJIhJwG3KicAAA
x-accel-expires
@1757411621
x-77-age
643796
last-modified
Mon, 22 Apr 2024 19:10:11 GMT
server
CDN77-Turbo
etag
W/"85d415f021988f283bc9cf642915276f"
x-77-nzt-ray
1cb09c0e8c7962a7a3bfe86636445c24
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
a_RbcHn8q9a_lsclTinqkxIaVBRb4pVtVV0AoSoT03p7XZTRQMTWmg==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1725875553
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
653887
x-accel-date
1725875556
x-77-nzt
EgwB1GY4sQH3P/oJAAwBJRPCMQG3AwAAAA
x-accel-expires
@1751795553
x-77-age
653887
last-modified
Mon, 09 Sep 2024 09:44:40 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
1cb09c0ee38995a6a3bfe8661d317f25
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
OOurvP_UkOVsm2huMQgXeJdHkZ8PL1kyjONtAgul8PvGcMOAF4G_mg==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1725875553
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
653887
x-accel-date
1725875556
x-77-nzt
EgwB1GY4sQH3P/oJAAwBJRPCNAG3AwAAAA
x-accel-expires
@1751795553
x-77-age
653887
last-modified
Mon, 09 Sep 2024 09:44:41 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
1cb09c0ee38995a6a3bfe866ca458325
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
zOBcGnI5C_KzZuLDwn7pUmr5QaPZY8l31QdUCN9Mdy9V8tmCOSvsBw==
remediation-tool.js
cdn.userway.org/remediation/2024-09-09-09-41-58/paid/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-09-09-09-41-58/paid/remediation-tool.js?ts=1725874918757
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
677aa064b1f644656a5d7ef92c1b2de18b1c92c2ac056a0c74bc659a38c601c6

Request headers

Referer
https://promo.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
324
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875230
x-77-cache
HIT
x-cache
HIT
x-age
653884
x-accel-date
1725875559
x-77-nzt
EgwB1GY4sQH3PPoJAAwBnJIhHwG3BQAAAA
x-accel-expires
@1751795554
x-77-age
653884
last-modified
Mon, 09 Sep 2024 09:44:49 GMT
server
CDN77-Turbo
etag
W/"c68f0e946c42be3356e8f9031cd4ddd5"
x-77-nzt-ray
1cb09c0e8c7962a7a3bfe866b6490026
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
6Fv9HDo5RTmMfXlTX6vrNXkIrbYvy4y4_wE_DV6QVRqaM6DpMp0uQw==
cyYPwT1C9XYWDRvt.json
cdn.userway.org/remediations/consolidated/3524903/ 		1022 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/3524903/cyYPwT1C9XYWDRvt.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-09-09-09-41-58/paid/remediation-tool.js?ts=1725874918757
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dd592496da6fc6f4abc900da841d218795205e60199b0bf83d24aaffff4129ac

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:43 GMT
via
1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
39
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875583
x-77-cache
HIT
x-cache
HIT
x-age
643796
x-accel-date
1725885647
x-77-nzt
EgwB1GY4sQH31NIJAAwBnJIhJwG3KicAAA
x-accel-expires
@1757411621
x-77-age
643796
last-modified
Mon, 22 Apr 2024 19:10:11 GMT
server
CDN77-Turbo
etag
W/"85d415f021988f283bc9cf642915276f"
x-77-nzt-ray
1cb09c0e8c7962a7a3bfe86636445c24
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
a_RbcHn8q9a_lsclTinqkxIaVBRb4pVtVV0AoSoT03p7XZTRQMTWmg==
unip
trc-events.taboola.com/1169464/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169464/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1726529442509&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1726529444061&mrir=u&vi=1726529442506&ref=null&cv=20240905-22-RELEASE&item-url=https%3A%2F%2Fpromo.com%2Ffor%2Freal%2F-estate%2F-videos%2F%25C2%25AC&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1169464/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://promo.com
pragma
no-cache
date
Mon, 16 Sep 2024 23:30:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1169464/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169464/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1726529442509&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1726529444061&mrir=u&vi=1726529442506&ref=null&cv=20240905-22-RELEASE&item-url=https%3A%2F%2Fpromo.com%2Ffor%2Freal%2F-estate%2F-videos%2F%25C2%25AC&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://promo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://promo.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 16 Sep 2024 23:30:44 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
3524903
api.userway.org/api/br-links/v0/contribute/ 		51 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/contribute/3524903
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-09-09-09-41-58/paid/remediation-tool.js?ts=1725874918757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:da15:eb93:ee4c:a991 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:44 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-5b4b97f5
3524903
api.userway.org/api/br-links/v0/links/ 		300 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links/3524903
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-09-09-09-41-58/paid/remediation-tool.js?ts=1725874918757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:da15:eb93:ee4c:a991 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
12a92bedef8080db0fec90a0a244ddfed91436d020b0b766814695f5d7ed7308

Request headers

Referer
https://promo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 23:30:44 GMT
etag
W/"12c-RG57+ItojGgomu3UqUDjLiZyIBM"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
content-length
300
x-service-version
apps-5b4b97f5
nav_menu_helper_1725874918757.js
cdn.userway.org/widgetapp/2024-09-09-09-41-58/remediation/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/remediation/nav_menu_helper_1725874918757.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

Referer
https://promo.com/
Origin
https://promo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 23:30:44 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
159
x-amz-server-side-encryption
AES256
x-accel-date-max
1725875231
x-77-cache
HIT
x-cache
HIT
x-age
653884
x-accel-date
1725875560
x-77-nzt
EgwB1GY4sQH3PPoJAAwBJRPCMQG3qgAAAA
x-accel-expires
@1751795390
x-77-age
653884
last-modified
Mon, 09 Sep 2024 09:44:39 GMT
server
CDN77-Turbo
etag
W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray
1cb09c0e8c7962a7a4bfe86657f31626
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
7l0kyRouhRWoBWY-IN_BX4KpF5-IeQqtuKWrsRsOTLEffePZ7yIGAw==
unip
trc-events.taboola.com/1169464/log/3/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169464/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1726529442509&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1726529447064&mrir=u&vi=1726529442506&ref=null&cv=20240905-22-RELEASE&item-url=https%3A%2F%2Fpromo.com%2Ffor%2Freal%2F-estate%2F-videos%2F%25C2%25AC&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1169464/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://promo.com
pragma
no-cache
date
Mon, 16 Sep 2024 23:30:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1169464/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169464/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1726529442509&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1726529447064&mrir=u&vi=1726529442506&ref=null&cv=20240905-22-RELEASE&item-url=https%3A%2F%2Fpromo.com%2Ffor%2Freal%2F-estate%2F-videos%2F%25C2%25AC&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://promo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://promo.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 16 Sep 2024 23:30:47 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ak02-promo-cdn.slidely.com
URL
https://ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| paCallback object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| config object| slidelySdk object| Backbone object| PromoAnalytics boolean| isReportingDisabledByGdpr boolean| noSupportRedirection object| dataLayer boolean| ga-disable-G-115YEV4FHZ function| gtag object| __core-js_shared__ object| ezReportsQueue object| mixpanel function| fbAsyncInit object| _fbds object| _fbq function| fbq object| _iaq object| tw object| uetq object| ezAuth object| system object| ezSession object| intercomSettings string| affiliateReportData function| twq object| _tfa function| Intercom function| pintrk object| userpilotSettings object| UserWayWidgetApp object| FB object| iterableAnalytics object| regeneratorRuntime object| twttr function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| google_tag_manager object| google_tag_data object| __buffer function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM string| client_view_id function| loadLiftAI function| ML_getCookie function| ML_setCookie function| ml_intent_band number| ml_check_cookie_update_Interval number| ml_scoring_load_count function| ml_scoring_load object| scoring function| __intercomAssignLocation function| __intercomReloadLocation object| UserWay function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript

14 Cookies

Domain/Path Name / Value
.promo.com/ Name: __cf_bm
Value: 3AdTDhgoCgwj6YzqAyJBRq0MsFd.WZ212NiTAhG7RvI-1726529440-1.0.1.1-S3Nkh9AkddUx.Bwv_Yw0PgpOv8THMKY9fbJ5AXsnC3Tv.ixFVxI084hcTa6mezDDV4YRsKteaBn_BQhZoYgN7A
promo.com/ Name: EZSESSID
Value: shabnj8c22ju9pmlp242h8c047
promo.com/ Name: urn
Value: 62
promo.com/ Name: ezRI
Value: %7B%22source%22%3A%22organicdirect%22%7D
.promo.com/ Name: mp_e7d2894fb113ce2e99d62bcfd0f0a3f0_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A191fd2c92816d1-01a008750099e8-1f462c6f-1d4c00-191fd2c92816d1%22%2C%22%24device_id%22%3A%20%22191fd2c92816d1-01a008750099e8-1f462c6f-1d4c00-191fd2c92816d1%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.promo.com/ Name: vs_intent
Value: Low Intent
.promo.com/ Name: intercom-id-van22wlo
Value: e46165e3-1a42-458c-b7cb-bcac18be3178
.promo.com/ Name: intercom-session-van22wlo
Value:
.promo.com/ Name: intercom-device-id-van22wlo
Value: 168c339e-f425-4ef2-b0bf-2d5ccc70f594
.promo.com/ Name: vs_vid
Value: NXqzXOrDOFvqa
.promo.com/ Name: vs_vfs
Value: 1
.promo.com/ Name: vs_sid
Value: 4XPBXML2MFG5g
.promo.com/ Name: vs_conv_ai
Value: 0-4
.promo.com/ Name: vs_lift_ai
Value: 95-100

3 Console Messages

Source Level URL
Text
network error URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://promo.com/for/real/-estate/-videos/%C2%AC
Message:
Access to font at 'https://ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf' from origin 'https://promo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ak02-promo-cdn.slidely.com/next/static/promo-js/fonts/wes-fy/Black-Foundry-Wes-FY-Medium.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak02-promo-cdn.slidely.com
ak03-cdn.slidely.com
ak03-promo-cdn.slidely.com
api-iam.intercom.io
api.userway.org
cdn.mxpnl.com
cdn.taboola.com
cdn.userway.org
connect.facebook.net
js.intercomcdn.com
js.iterable.com
lift-ai-js.marketlinc.com
promo.com
psb.taboola.com
s.pinimg.com
static.ads-twitter.com
trc-events.taboola.com
visitor-scoring-new.marketlinc.com
widget.intercom.io
www.facebook.com
www.googletagmanager.com
www.promo.com
ak02-promo-cdn.slidely.com
104.18.29.133
13.224.189.39
13.224.189.49
13.35.58.119
141.226.228.48
151.101.193.44
151.101.65.44
157.240.252.13
172.64.148.114
172.64.149.202
18.244.18.24
199.232.188.157
2600:1901:0:498c::
2600:1f14:5db:eb11:da15:eb93:ee4c:a991
2a00:1450:4001:81d::2008
2a02:6ea0:c700::21
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::84
34.197.151.153
54.81.238.62
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
03dce1db4de3e8ca9359a6a90fab5f2aeb40a06b2137286bf59139a2e73ba98d
0c6b2a716f796f9b68f10ccce4afac642bb1c4f27b2b50ef16970e9e9248d8f1
0ffa85a1841c4e11f0dd6a0a2c3f94739dc117fe7b6dd0dbad8a2040700e5566
12a92bedef8080db0fec90a0a244ddfed91436d020b0b766814695f5d7ed7308
18d748c25596b11a9387a7c65a6227b77471bf7f1255487eb0e0db8b0a842cd6
1b07ff9cb3ee66f1f0e4c708320ea5d9d6487d1b15e022416d914e214df163aa
1d4173e23f518fc25e7c2569cec6c0e90f126443dba9a04ca92a7ccea732b6fa
1fad22c34c11020c6c170dd7d9ce5e71314daee75eac0beaa752ec70d20bb7ee
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
28a21034c86df271b6995749fd19760af8bbd615356cd6ec78e94ea4a566d4f0
32d5197fecf0a39a77142a7adf2a1d1eca1162095fb61b9b0492bcb3d4a79138
35fbf7cdff6f786b21526e5f5ed414d1b89da296b41c4327bfc11860d77e9147
36cb0fb86ee18accbd96345ec80e87b81c498b122a859f15de01d79035bb0dbf
3af4a093f10b50543a21652544233a1bc7b2c10fc103327fc7ede892961ea7bb
443e0a429443e5f77a0bd31cfd8339a08bdcd932d9c376c7dd423c32cb697887
445824de9dcd16539938dbe00fb348cd63fdb55d1ea356a200c1708cb5a3a697
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f8883a90f7710554e47309aff61f8c8d107392c7524e0b4ec2e7fe1c6b1a251
524ac86e2d5e523133ef579992a085f3947d986b2c652bb220937aac0649b88a
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996
5a41afc46f00ec0bf713a08761131cc5f76d23fb234839d674b2f219127041ab
5f7cef2df37f752a57f1d883c342d300ccbb3d5dfe758c5ae7f13d9dd7d19457
677aa064b1f644656a5d7ef92c1b2de18b1c92c2ac056a0c74bc659a38c601c6
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
75d1361b9a98e44fd627231837b1cb9ed5917a95030990a820f740efc3d03322
8c6563b6fadcf3be4d1ab9191985e661b81c148b9f115fdfb95f82df4d1db49a
8e805c4d209a70255513fe041ff7e8e9a99afdc665387350380beb75eacd12be
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
9ebc620f60e0dcac2bf210c561d101d9133b00f05a550eca84d52dbb37a28ba0
a1ec7275142b4808268985b4e010a3807a245bdbcfae96b5529fdff10e0f9865
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a912e2c86fc108ec9db865d2408cfad215421995edab4d1869a7de4cd9b8b13b
b90fa49612a49bc666a8675b304805566cda98cb902443056ecdca631fac166d
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c49da562b3db6e12f415e89d90e83b3133e25c1a5516a44361d83feae21dd457
c6fbec159585e6f71c896d76e39baeacd0878707a8a487afafe45fdeb7ea7373
cc0c14a6c8467399237154429caac8d441dc477480c63e146a6b35d565dbf3ad
ce76c8cab5e2836062b24e92e0cd2c45e8ab2386ba65d9648bfe3837bf22e141
dd592496da6fc6f4abc900da841d218795205e60199b0bf83d24aaffff4129ac
e1d150d6538f0bd92bb8085a57c3afef20752314846f8efdd1949867c86aa454
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445fbf085d6f4204615de7d45416e1d0b6bc2fc85a02c307365d6c63812e055
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
f106b0c7f62fd796c1f1409c00a5e84f89fc85f2ee4847b4c97962ef6de4f96f
f15d1c4495c186c09e76dbf26453039b8a2a133ad591d7ca066cf773eea34d94
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
f9eba3f818f8db829259816e9ecd47d3e050f44091cfeed806f36b47e8804c7c