www.orderpromos.com Open in urlscan Pro
34.66.251.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orderpromos.com/
Effective URL:
https://www.orderpromos.com/
Submission: On January 02 via api (January 2nd 2024, 3:49:54 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 34.66.251.5, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.orderpromos.com.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time www.orderpromos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 17	34.66.251.5 34.66.251.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
24	7

17 34.66.251.5 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.251.66.34.bc.googleusercontent.com

orderpromos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.orderpromos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	orderpromos.com 2 redirects orderpromos.com — Cisco Umbrella Rank: 285672 www.orderpromos.com	936 KB
5	gstatic.com fonts.gstatic.com	134 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	257 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	9 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	88 KB
24	6

	Domain	Requested by
16	www.orderpromos.com	1 redirects www.orderpromos.com
5	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.orderpromos.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.orderpromos.com
1	www.googletagmanager.com	www.orderpromos.com
1	orderpromos.com	1 redirects
24	7

This site contains links to these domains. Also see Links.

Domain
support.orderpromos.com
simpleadvanceddesign.orderpromos.com
hope5k.orderpromos.com
omegabasketball.orderpromos.com
goodharvestdfs.orderpromos.com
blueprint.orderpromos.com
www.brightstores.com

Subject Issuer	Validity	Valid
*.orderpromos.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.orderpromos.com/
Frame ID: 2FA45495FDD69E69C8D2B7685428C0FB
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simple Stores: Online Stores for Branded Merch & Promo Products

Page URL History Show full URLs

http://orderpromos.com/ HTTP 308
http://www.orderpromos.com/ HTTP 308
https://www.orderpromos.com/ Page URL
https://www.orderpromos.com/ Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+
/alpine(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1170 kB
Transfer

1432 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://support.orderpromos.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://simpleadvanceddesign.orderpromos.com/
Title: VIEW DEMO

Search URL Search Domain Scan URL

URL: https://hope5k.orderpromos.com/
Title: VIEW DEMO

Search URL Search Domain Scan URL

URL: https://omegabasketball.orderpromos.com/
Title: VIEW DEMO

Search URL Search Domain Scan URL

URL: https://goodharvestdfs.orderpromos.com/
Title: VIEW DEMO

Search URL Search Domain Scan URL

URL: https://blueprint.orderpromos.com/redemption_codes/new
Title: VIEW DEMO

Search URL Search Domain Scan URL

URL: https://www.brightstores.com/contact
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://www.brightstores.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.brightstores.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.brightstores.com/terms-of-service.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.brightstores.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orderpromos.com/ HTTP 308
http://www.orderpromos.com/ HTTP 308
https://www.orderpromos.com/ Page URL
https://www.orderpromos.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://orderpromos.com/ HTTP 308
http://www.orderpromos.com/ HTTP 308
https://www.orderpromos.com/

24 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.orderpromos.com/
Redirect Chain

http://orderpromos.com/
http://www.orderpromos.com/
https://www.orderpromos.com/

110 B
818 B

359ms
119ms

Document
text/html

34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-length: 110
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Tue, 02 Jan 2024 15:49:49 GMT
Location: https://www.orderpromos.com
X-Frame-Options: SAMEORIGIN

GET
H2 200 Primary Request / Show response
www.orderpromos.com/ 10 KB
4 KB 124ms
124ms Document
text/html 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orderpromos.com/

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

3b31566a0b22420ad5cefe60acb48e5389418bb8c63351cd85c9a77cfa38c8f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orderpromos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 02 Jan 2024 15:49:49 GMT
last-modified: Tuesday, 02-Jan-2024 15:49:49 UTC
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-prisma-event-id: e31c93c3-aa9f-dbfe-8d27-11cdbd633a3c
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
88 KB 41ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5NGT85Q2F

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef5408cfdaefb7b6dc87eae5df7180edd10ced9a2b8810c77fdaad51b0dbfe29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jan 2024 15:49:49 GMT

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/ 26 KB
9 KB 40ms
23ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/alpine.min.js

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2989018
x-jsd-version: 2.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6964-M33llwtEtRbUwMPPG0SKpWL3vX8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JZqKBmesPX0xkAe2Ah1VzVg97wTzv0FJPnBjq14POCnHBmELVMINZzjxyhZzkIdVYFw8EGjI9ur1kWL9a1c3M%2F4n%2BEN9X7UrArcEOOB5%2BsO3rShOuQspCNEvIr4TetRZvtg%2F8TOq8v8czpG7Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83f4277a4c612bc0-FRA

GET
H2 200 main.81e9ea12.js Show response
www.orderpromos.com/js/ 55 KB
20 KB 315ms
314ms Script
application/javascript 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orderpromos.com/js/main.81e9ea12.js

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

4c971c9d3e63ad67c9123f09f67a2183ba523c07cacb3876f6e9b8d8fe634b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: W/"64ad24cf-dbfd"
x-prisma-event-id: bf764023-aae6-121e-461e-4d01fd8d3bb4
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript

GET
H2 200 main.b0feadd96c5ea717f131.css
www.orderpromos.com/css/ 23 KB
6 KB 125ms
125ms Stylesheet
text/css 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

a857e12d66a890abb9211f60b12a6289ba2b03e81c45b3ee91779ac7d6eb1bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: W/"64ad24cf-5cfc"
x-prisma-event-id: 1040cb95-9100-4a00-a5c1-eb6882ce4b87
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css

GET
H2 200 logo-813e6e9b.png
www.orderpromos.com/images/ 14 KB
15 KB 241ms
240ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/logo-813e6e9b.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

42880ef6ce309900706a477af9adb42fb2ccaa598423b87ef1ce3a8f2791f03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-39bd"
x-prisma-event-id: 1b1b0fb8-3374-6b3a-2804-1466242aaf0b
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 14781

GET
H2 200 multi-advanced-design-53265284.png
www.orderpromos.com/images/ 347 KB
348 KB 242ms
241ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/multi-advanced-design-53265284.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

d147808b5ee03418140cb608d23913dc971d2e7e61d2b25c4e35fac6f8b28b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-56b1f"
x-prisma-event-id: 240d636f-89b8-cc6d-856a-be1706f47ff1
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 355103

GET
H2 200 advanced-design-store-83f686ef.png
www.orderpromos.com/images/ 99 KB
100 KB 315ms
314ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/advanced-design-store-83f686ef.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

2927fe4f0a20a50f869065cd726d9b3f115125b6a2e45e703bdc7c6cdcf77c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-18d5b"
x-prisma-event-id: a4c54a63-5028-7b3b-1b4d-f073e2855b3b
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 101723

GET
H2 200 non-profit-store-demo-845e89c4.png
www.orderpromos.com/images/ 72 KB
73 KB 314ms
314ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/non-profit-store-demo-845e89c4.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

dd63aded2d1e4a2ea34c8b5e1abdabe1231ea167bfbf00dac3edd420799dbd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-121fd"
x-prisma-event-id: bfe0e074-8332-08ec-d502-ca12576236b0
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 74237

GET
H2 200 omega-store-90216908.png
www.orderpromos.com/images/ 34 KB
34 KB 314ms
314ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/omega-store-90216908.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

a0ee09dee418cc3e986d19d48f1313b3d59bb5d22b2d99d2414f8242f58d111d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-8859"
x-prisma-event-id: 1dbed1a6-224a-b100-1f72-b138d3c0ce4b
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 34905

GET
H2 200 good-harvest-store-dc95b3c2.png
www.orderpromos.com/images/ 93 KB
93 KB 315ms
315ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/good-harvest-store-dc95b3c2.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

b49e93a27ef9965bc765872c6d419cebc2233603ead7c80e0901339c96962fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-17305"
x-prisma-event-id: 0563251b-a950-4ae9-0951-8a238b0ea806
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 94981

GET
H2 200 blueprint-redemption-store-e1e34a46.png
www.orderpromos.com/images/ 72 KB
73 KB 315ms
314ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/blueprint-redemption-store-e1e34a46.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

8a69f8ce69e285bf212c86e902cb8ba764eedb415a014c60069c98e772ee1a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-120e5"
x-prisma-event-id: 728d6e87-dc3a-8b98-43d9-e8349a138c14
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 73957

GET
DATA 200
OK truncated
/ 202 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac5a771e03212b06bb0bdb2f243b8a2f992d0f65bb20f996a260142e2ee46040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80ae57d114f6c4722995f081df537a38d66b0d5f9d4182ad842cc4c5fbdbc1be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 33ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5NGT85Q2F&gtm=45je3bt0v874677335&_p=1704210589802&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=130627795.1704210590&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704210589&sct=1&seg=0&dl=https%3A%2F%2Fwww.orderpromos.com%2F&dr=https%3A%2F%2Fwww.orderpromos.com%2F&dt=Simple%20Stores%3A%20Online%20Stores%20for%20Branded%20Merch%20%26%20Promo%20Products&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=218
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5NGT85Q2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 15:49:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orderpromos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
3 KB 37ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5938d67b7f51e5785f49d1b102a04360dda315140a8f3aaa798b64a5665e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jan 2024 15:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 15:49:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jan 2024 15:49:49 GMT

GET
H2 200 confetti-banner-large-aeb07d4a.png
www.orderpromos.com/images/ 132 KB
133 KB 308ms
307ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/confetti-banner-large-aeb07d4a.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

f24e7ffeef1f1fd8a875683e6fc976cd285c3747ce81a5d4a1a52eb13afcf12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-211f6"
x-prisma-event-id: 65e126ab-e94a-eccc-03ae-36b80f8b25b5
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 135670

GET
H2 200 checkmark-icon-ad5ede8b.png
www.orderpromos.com/images/ 541 B
785 B 308ms
308ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/checkmark-icon-ad5ede8b.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

52abd67edd001f0dcf532d8bbc445fdc9330a569497b1e0f65721623e42d85f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-21d"
x-prisma-event-id: 0bc8f7f2-7673-65ce-a50e-746053eadaf0
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 541

GET
H2 200 circle-peach-04f63f27.png
www.orderpromos.com/images/ 20 KB
21 KB 308ms
308ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/circle-peach-04f63f27.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

4eeb997f5aae89abd423952af7a469710fb28fc123bab2aa3e8edf89187bd30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-518f"
x-prisma-event-id: 74204ccb-8d87-1df0-a4e6-f38df5d6a90b
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 20879

GET
H2 200 footer-bg-img-4ca13534.png
www.orderpromos.com/images/ 14 KB
15 KB 308ms
308ms Image
image/png 34.66.251.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orderpromos.com/images/footer-bg-img-4ca13534.png

Requested by

Host: www.orderpromos.com
URL: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.251.5 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.251.66.34.bc.googleusercontent.com

Software

Resource Hash

0cdaf197f3a850e3625c281885a01f7beb20dffbdaa8c10bd06f574899e9aa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orderpromos.com/css/main.b0feadd96c5ea717f131.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 09:45:51 GMT
etag: "64ad24cf-399d"
x-prisma-event-id: 1e6019bc-7780-0938-0c9c-23effc06d071
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 14749

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.orderpromos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 14:33:15 GMT
x-content-type-options: nosniff
age: 90994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 14:33:15 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 39ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.orderpromos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:03:57 GMT
x-content-type-options: nosniff
age: 24352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:03:57 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.orderpromos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:51:59 GMT
x-content-type-options: nosniff
age: 50270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 01:51:59 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 41ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.orderpromos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:09:36 GMT
x-content-type-options: nosniff
age: 49213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 02:09:36 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 31ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Slab|Lato:300,400,700|Merriweather:400,700|Open+Sans:300,400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.orderpromos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 87209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 15:36:20 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orderpromos.com/	1970-01-20 18:06:42	Name: pcc_bpc Value: ODBq0r9rEfR/c+wMmL+kSqQK/82cCD6ox+UKWh1nxYtdQjAdw9A25joO8ND3u0IEtuBYTqojCOARem8TzAZPmUKuX89NkeuTGpcFlGrmiN/3XdSlqdYzLlEDexJkOG8A4RYZfpzLDhEhHVrCOCA54y/bXZVGCyxE4Skdaj6v8s6TKZut4VgZc5eJIe5svYo4fS7WuEamOgFAOTByMLV9U7MhHjMHGSysV207gYNci/x1phpWbOVRuicP1MAbJ20o3MTTW5y1oni15obHnHOqMUjVvrt1ixOZPD/6s6cR/KcIImpbsIqPifug3e0ob8x7cE3rBB5lWp/JAAWBQ4XEGruuUIL1Ep3qyqymM6QI9pFNMKH1RPdpPmii0W2HkDFaIvpT3n8YSCTb2VCI96eTyisq6TiTxEeZK09t+3NRNwTFAGr05048V9Lc7Qd9gTff5WDyRq57RdZMF3TcW2QbLIMa2hIMszrWZNE7UJZ0oy0x9MZznljz7+v+I1Qje96mo0Y22Ummj95jpGEhUibUyIoUXVVyM1Ig6A6VZkrtkKwTTTkfdq+b4MT4JdkU5Xxy0NTLBzC+/sEW2pTuvWknUnEhtHbPL89LXebaD3lCWEk=
.orderpromos.com/	1970-01-21 02:59:30	Name: _ga_H5NGT85Q2F Value: GS1.1.1704210589.1.0.1704210589.0.0.0
.orderpromos.com/	1970-01-21 02:59:30	Name: _ga Value: GA1.1.130627795.1704210590

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
orderpromos.com
region1.google-analytics.com
www.googletagmanager.com
www.orderpromos.com
2001:4860:4802:34::36
2606:4700::6810:5814
2a00:1450:4001:802::2008
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
34.66.251.5
0cdaf197f3a850e3625c281885a01f7beb20dffbdaa8c10bd06f574899e9aa28
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2927fe4f0a20a50f869065cd726d9b3f115125b6a2e45e703bdc7c6cdcf77c53
3b31566a0b22420ad5cefe60acb48e5389418bb8c63351cd85c9a77cfa38c8f9
42880ef6ce309900706a477af9adb42fb2ccaa598423b87ef1ce3a8f2791f03b
4c971c9d3e63ad67c9123f09f67a2183ba523c07cacb3876f6e9b8d8fe634b1a
4eeb997f5aae89abd423952af7a469710fb28fc123bab2aa3e8edf89187bd30f
52abd67edd001f0dcf532d8bbc445fdc9330a569497b1e0f65721623e42d85f1
7e5938d67b7f51e5785f49d1b102a04360dda315140a8f3aaa798b64a5665e5f
80ae57d114f6c4722995f081df537a38d66b0d5f9d4182ad842cc4c5fbdbc1be
8a69f8ce69e285bf212c86e902cb8ba764eedb415a014c60069c98e772ee1a05
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a0ee09dee418cc3e986d19d48f1313b3d59bb5d22b2d99d2414f8242f58d111d
a857e12d66a890abb9211f60b12a6289ba2b03e81c45b3ee91779ac7d6eb1bcb
ac5a771e03212b06bb0bdb2f243b8a2f992d0f65bb20f996a260142e2ee46040
b49e93a27ef9965bc765872c6d419cebc2233603ead7c80e0901339c96962fc9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d147808b5ee03418140cb608d23913dc971d2e7e61d2b25c4e35fac6f8b28b32
dd63aded2d1e4a2ea34c8b5e1abdabe1231ea167bfbf00dac3edd420799dbd9f
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef5408cfdaefb7b6dc87eae5df7180edd10ced9a2b8810c77fdaad51b0dbfe29
f24e7ffeef1f1fd8a875683e6fc976cd285c3747ce81a5d4a1a52eb13afcf12a

www.orderpromos.com Open in urlscan Pro 34.66.251.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

83 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1170 kBTransfer

1432 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

Security Headers

www.orderpromos.com Open in urlscan Pro
34.66.251.5 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1170 kB
Transfer

1432 kB
Size

3
Cookies

24 HTTP transactions
2 data transactions