urlscan.io logo urlscan.io
SecurityTrails logo

www.promorules.com Open in urlscan Pro
184.73.186.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.comm.coorsbrewing.com/?qs=2fe01120b4f73ec26ddfce00fb74869f2efc048b4293c0d17c55153a3150b33d0b1a8bd982b2daa8c1f126478216...
Effective URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Submission: On March 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 184.73.186.78, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.promorules.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 1st 2023. Valid for: a year.
This is the only time www.promorules.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.159.111 14340 (SALESFORCE)
1 12 184.73.186.78 14618 (AMAZON-AES)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 34.247.72.3 16509 (AMAZON-02)
10 13.225.78.35 16509 (AMAZON-02)
1 63.140.62.27 15224 (OMNITURE)
8 18.66.147.117 16509 (AMAZON-02)
1 52.222.236.95 16509 (AMAZON-02)
2 34.236.77.169 14618 (AMAZON-AES)
1 2001:678:cb4:... 56396 (AMOBEE)
1 2602:816:5001... 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
47 12
1    13.111.159.111 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.comm.coorsbrewing.com
click.comm.coorsbrewing.com
12    184.73.186.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-186-78.compute-1.amazonaws.com
www.promorules.com
7    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    34.247.72.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-72-3.eu-west-1.compute.amazonaws.com
dpm.demdex.net
10    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
consent.trustarc.com
1    63.140.62.27 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-27.data.adobedc.net
millerbrewingcompany.122.2o7.net
8    18.66.147.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-117.fra60.r.cloudfront.net
23-bc.promorules.com
1    52.222.236.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-95.fra56.r.cloudfront.net
consent-pref.trustarc.com
2    34.236.77.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-77-169.compute-1.amazonaws.com
mcbc.blueconic.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
20 promorules.com
www.promorules.com
23-bc.promorules.com
294 KB
11 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3129
consent-pref.trustarc.com — Cisco Umbrella Rank: 15732 Failed
89 KB
7 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
116 KB
2 blueconic.net
mcbc.blueconic.net
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 244
589 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 636
16 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1283
753 B
1 2o7.net
millerbrewingcompany.122.2o7.net — Cisco Umbrella Rank: 440548
269 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 241
millercoors.demdex.net Failed
2 KB
1 coorsbrewing.com
click.comm.coorsbrewing.com
282 B
0 everesttech.net Failed
cm.everesttech.net Failed
47 11
Domain Requested by
12 www.promorules.com 1 redirects www.promorules.com
10 consent.trustarc.com assets.adobedtm.com
consent.trustarc.com
www.promorules.com
8 23-bc.promorules.com assets.adobedtm.com
23-bc.promorules.com
7 assets.adobedtm.com www.promorules.com
assets.adobedtm.com
2 mcbc.blueconic.net 23-bc.promorules.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.promorules.com
1 d.turn.com www.promorules.com
1 consent-pref.trustarc.com consent.trustarc.com
1 millerbrewingcompany.122.2o7.net assets.adobedtm.com
1 dpm.demdex.net assets.adobedtm.com
1 click.comm.coorsbrewing.com 1 redirects
0 cm.everesttech.net Failed
0 millercoors.demdex.net Failed assets.adobedtm.com
47 14

This site contains links to these domains. Also see Links.

Domain
www.coorslight.com
www.facebook.com
www.molsoncoors.com
winlists.helloworld.com
Subject Issuer Validity Valid
arnoldpalmerspiked.com
Entrust Certification Authority - L1K		 2023-11-01 -
2024-11-01		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
*.112.2o7.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-10		 a year crt.sh
24-bc.atwaterbeer.com
Amazon RSA 2048 M03		 2024-02-22 -
2025-03-22		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.turn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-26 -
2025-04-26		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Frame ID: 641BA56DFC9631E9131C4EC3E885A3B4
Requests: 44 HTTP requests in this frame

Frame: https://millercoors.demdex.net/dest5.html?d_nsid=0
Frame ID: E720E491FCA5120976EFBBAB0C0909AA
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=molsoncoors_prod&site=molsoncoors.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW
Frame ID: E6551C2A4620A802FE5C9E36C7CDF672
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=molsoncoors_prod&site=molsoncoors.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW
Frame ID: 676C1C04C353255520F6A1E42BE15B4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Coors Light MK258714 | Promo Rules

Page URL History Show full URLs

  1. https://click.comm.coorsbrewing.com/?qs=2fe01120b4f73ec26ddfce00fb74869f2efc048b4293c0d17c55153a3150b33d0b1a8bd9... HTTP 302
    https://www.promorules.com/MK258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=... HTTP 301
    https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=... Page URL
  2. https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Page Statistics

47
Requests

94 %
HTTPS

25 %
IPv6

11
Domains

14
Subdomains

12
IPs

4
Countries

519 kB
Transfer

1644 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.comm.coorsbrewing.com/?qs=2fe01120b4f73ec26ddfce00fb74869f2efc048b4293c0d17c55153a3150b33d0b1a8bd982b2daa8c1f1264782160c97fa1c9eea90e9025e HTTP 302
    https://www.promorules.com/MK258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true HTTP 301
    https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true Page URL
  2. https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.comm.coorsbrewing.com/?qs=2fe01120b4f73ec26ddfce00fb74869f2efc048b4293c0d17c55153a3150b33d0b1a8bd982b2daa8c1f1264782160c97fa1c9eea90e9025e HTTP 302
  • https://www.promorules.com/MK258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true HTTP 301
  • https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
mk258714
www.promorules.com/
Redirect Chain
  • https://click.comm.coorsbrewing.com/?qs=2fe01120b4f73ec26ddfce00fb74869f2efc048b4293c0d17c55153a3150b33d0b1a8bd982b2daa8c1f1264782160c97fa1c9eea90e9025e
  • https://www.promorules.com/MK258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
  • https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
109 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
96c997db6fd2414e5258e6dbae89efe2b4109f9ee9ed5b4994949601beeaae8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, public
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 06:41:57 GMT
etag
"1711639969"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Thu, 28 Mar 2024 15:32:49 GMT
server
nginx
vary
Cookie,Accept-Encoding,X-Geo-Country
via
varnish
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
HIT
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-geo-country
DE
x-request-id
v-70938010-ed97-11ee-9820-c77052d8d921

Redirect headers

age
0
cache-control
max-age=900, public
content-language
en
content-length
33381
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 06:41:57 GMT
location
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
server
nginx
vary
X-Geo-Country
via
varnish
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-route-normalizer
1
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-geo-country
DE
x-request-id
v-7067515c-ed97-11ee-8937-07b5200f7d8c
launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
assets.adobedtm.com/ 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
839db27868c4378e108a918ca39f801ae107b2ee41659895c87d7b1245172989

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:47:46 GMT
server
AkamaiNetStorage
etag
"f0e42d472ce9f5a8b8872f8c9e74b81d:1682016466.306408"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
44420
expires
Fri, 29 Mar 2024 07:41:58 GMT
css_QBjUupc3OEMgPPRpU8C6LzPErHw5QNhZSI-Y9KTdWpw.css
www.promorules.com/sites/promorules/files/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/css/css_QBjUupc3OEMgPPRpU8C6LzPErHw5QNhZSI-Y9KTdWpw.css?delta=0&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7c073a7a38b600015134dbbb635f247a8a2c849c310d5fe5cf3ee6f6b808ff0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14956
x-cache
HIT
x-ah-environment
prod
content-length
1996
x-request-id
v-9dc94b1e-ed74-11ee-a799-0389080852d9
last-modified
Thu, 07 Mar 2024 03:21:19 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
5
css_LhARUIfZphcgDLlouKxnBrnkUNCyKqYZXKNtIvn3Jw0.css
www.promorules.com/sites/promorules/files/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/css/css_LhARUIfZphcgDLlouKxnBrnkUNCyKqYZXKNtIvn3Jw0.css?delta=1&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14956
x-cache
HIT
x-ah-environment
prod
content-length
4771
x-request-id
v-9dc9a276-ed74-11ee-9bac-87839ece276b
last-modified
Wed, 06 Mar 2024 20:25:50 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
5
js_pMh-FjIw_p5GOlxn76wttL4istQEQeEElfSWUTSb788.js
www.promorules.com/sites/promorules/files/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/js/js_pMh-FjIw_p5GOlxn76wttL4istQEQeEElfSWUTSb788.js?scope=footer&delta=0&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14956
x-cache
HIT
x-ah-environment
prod
content-length
49001
x-request-id
v-9dc9fcc6-ed74-11ee-b636-874b9915f90c
last-modified
Thu, 07 Mar 2024 00:20:30 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
5
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AE2C8AD54E65FB30A4C98A6%40AdobeOrg&d_nsid=0&ts=1711694518253
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.72.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v058-033dca498.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 29 Mar 2024 06:41:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
zhS3B5fRTrE=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1401
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Fri, 29 Mar 2024 07:41:58 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Fri, 29 Mar 2024 07:41:58 GMT
notice
consent.trustarc.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=molsoncoors.com&c=teconsent&language=EN&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
Origin
https://www.promorules.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 05:48:14 GMT
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
3224
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
content-length
5518
x-amz-cf-id
npN3Mg44M_AkXSBwja-ySR7PjkO7NAjTrc2UNExCWW7fgjghZb6Lsw==
coorslight.png
www.promorules.com/sites/promorules/files/styles/brands_logo/public/2022-10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promorules.com/sites/promorules/files/styles/brands_logo/public/2022-10/coorslight.png?itok=RoANs6FB
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4
date
Fri, 29 Mar 2024 06:41:58 GMT
via
varnish
x-content-type-options
nosniff
x-geo-country
DE
age
3264
x-cache
HIT
x-ah-environment
prod
content-length
8332
x-request-id
v-d71f7e90-ed8f-11ee-a5b2-d3c0e6d8b41e
last-modified
Tue, 11 Oct 2022 19:50:07 GMT
server
nginx
vary
X-Geo-Country
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Fri, 12 Apr 2024 05:47:34 GMT
Primary Request mk258714
www.promorules.com/ 		109 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/sites/promorules/files/js/js_pMh-FjIw_p5GOlxn76wttL4istQEQeEElfSWUTSb788.js?scope=footer&delta=0&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cdf02ebb0229216dad811a85ab39273fd0760fe149fdab0f2575b4b0d0f95d5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, public
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 06:41:58 GMT
etag
"1711640035"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Thu, 28 Mar 2024 15:33:55 GMT
server
nginx
vary
Cookie,Accept-Encoding,X-Geo-Country
via
varnish
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
HIT
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-geo-country
DE
x-request-id
v-70e035ea-ed97-11ee-a53a-27b69c235fc5
v1.7-2475
consent.trustarc.com/asset/notice.js/v/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-2475
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=molsoncoors.com&c=teconsent&language=EN&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
Origin
https://www.promorules.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 29 Mar 2024 05:58:52 GMT
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 02:16:13 GMT
x-amz-cf-pop
FRA2-C2
age
2587
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
-rSX5P3JgoCKRMVizgpAAzu491GksxBg-Vlaj6_SXtitDTAQlp7XHg==
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=molsoncoors.com&country=de&state=&behavior=expressed&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW&c=dc75&referer=https://www.promorules.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
853gpBJ1kEn4Fx-9-iGrkzTxcgrKKkBFk8o8Nzns567ZoBmsYcd2yQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dest5.html
millercoors.demdex.net/ Frame E720 		0
0
id
millerbrewingcompany.122.2o7.net/ 		2 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://millerbrewingcompany.122.2o7.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=8AE2C8AD54E65FB30A4C98A6%40AdobeOrg&mid=14866546150049450993513201009063287059&ts=1711694518463
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.27 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-27.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.promorules.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
dd
cm.everesttech.net/cm/ 		0
0
/
consent-pref.trustarc.com/ Frame E655 		0
0
cookiepref.png
consent.trustarc.com/asset/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/cookiepref.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 29 Mar 2024 05:58:19 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 9 Dec 2020 08:11:16 GMT
x-amz-cf-pop
FRA2-C2
age
2619
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
content-length
9270
x-amz-cf-id
-ty3kTegxAbvNymtDYeX1fUUUVYxZ_myWgHH8KQkKMWp1ygImxqoUw==
noticemsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=molsoncoors.com&behavior=expressed&country=de&language=en&rand=0.8746545842690008&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW&referer=https://www.promorules.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
BlO9AhXbAtRH_yj0pGPQEEyYj5Nhih8Sv4NEsM568jt6vcQpT-DB2g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
assets.adobedtm.com/ 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
839db27868c4378e108a918ca39f801ae107b2ee41659895c87d7b1245172989

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:47:46 GMT
server
AkamaiNetStorage
etag
"f0e42d472ce9f5a8b8872f8c9e74b81d:1682016466.306408"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
44420
expires
Fri, 29 Mar 2024 07:41:58 GMT
css_QBjUupc3OEMgPPRpU8C6LzPErHw5QNhZSI-Y9KTdWpw.css
www.promorules.com/sites/promorules/files/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/css/css_QBjUupc3OEMgPPRpU8C6LzPErHw5QNhZSI-Y9KTdWpw.css?delta=0&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7c073a7a38b600015134dbbb635f247a8a2c849c310d5fe5cf3ee6f6b808ff0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14957
x-cache
HIT
x-ah-environment
prod
content-length
1996
x-request-id
v-9dc94b1e-ed74-11ee-a799-0389080852d9
last-modified
Thu, 07 Mar 2024 03:21:19 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
6
css_LhARUIfZphcgDLlouKxnBrnkUNCyKqYZXKNtIvn3Jw0.css
www.promorules.com/sites/promorules/files/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/css/css_LhARUIfZphcgDLlouKxnBrnkUNCyKqYZXKNtIvn3Jw0.css?delta=1&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c09e58de41809b5ecabd9e8a0e86e5f858a1522a09e5bb4fd1cbcb13c88f3839
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14957
x-cache
HIT
x-ah-environment
prod
content-length
4771
x-request-id
v-9dc9a276-ed74-11ee-9bac-87839ece276b
last-modified
Wed, 06 Mar 2024 20:25:50 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
6
js_pMh-FjIw_p5GOlxn76wttL4istQEQeEElfSWUTSb788.js
www.promorules.com/sites/promorules/files/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/js/js_pMh-FjIw_p5GOlxn76wttL4istQEQeEElfSWUTSb788.js?scope=footer&delta=0&language=en&theme=promorules&include=eJwrriwuSc3VT0osTtUpKMrPzS8qzUkt1k_PyU9KzNEtLqnMycxLBwAZTw7L
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c41784d154caaf4f1eb8ec713e55b10d222acedc560dc3a73e981803c1ca925
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 12 Apr 2024 02:32:41 GMT
date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
varnish
x-geo-country
DE
age
14957
x-cache
HIT
x-ah-environment
prod
content-length
49001
x-request-id
v-9dc9fcc6-ed74-11ee-b636-874b9915f90c
last-modified
Thu, 07 Mar 2024 00:20:30 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
6
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Fri, 29 Mar 2024 07:41:58 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Fri, 29 Mar 2024 07:41:58 GMT
notice
consent.trustarc.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=molsoncoors.com&c=teconsent&language=EN&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
1bb360a74a6a4e472e6915c92ce76df4d1ce6f178caf6886f0c7eb4bea00605c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
Origin
https://www.promorules.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 05:48:14 GMT
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
3224
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
content-length
5518
x-amz-cf-id
6vhQgJqJdTVfUn_PstuwTYN18My4SA9UuUOIi7RE0cQ0-YK-_e8-Wg==
script.js
23-bc.promorules.com/ 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/script.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
79c4875a0d56c371e813c58da1274c402cb409e46b28a27e6a3a0a08d6bd2c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
age
111
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42142
x-xss-protection
1; mode=block
last-modified
Fri, 29 Mar 2024 06:34:43 GMT
server
-
etag
ba75e063cad4f8c7c6ebcfbdc1e0a0d9
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
XBrS54R9IPRG50g1SSSJyImMqcz7El4jeBsJOMqfr2nn6yjtovDSQA==
expires
Fri, 29 Mar 2024 06:50:07 GMT
v1.7-2475
consent.trustarc.com/asset/notice.js/v/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-2475
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=molsoncoors.com&c=teconsent&language=EN&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
Origin
https://www.promorules.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 29 Mar 2024 05:58:52 GMT
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 02:16:13 GMT
x-amz-cf-pop
FRA2-C2
age
2587
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
9yJeDwqZOQNebxF9oLvjSabqKD38J-ulCKVxSfHYvNzsXZsxO2EWAQ==
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=molsoncoors.com&country=de&state=&behavior=expressed&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW&c=4463&referer=https://www.promorules.com
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
Ksrg011-Cu3GHtjwAKkSLFqMOvGoKNs2TmWGFYgJ7WwgrpYANR3d7g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
consent-pref.trustarc.com/ Frame 676C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?layout=gdpr&type=molsoncoors_prod&site=molsoncoors.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-2475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-95.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.promorules.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
5111
content-type
text/html
date
Fri, 29 Mar 2024 06:41:58 GMT
expect-ct
max-age=86400; enforce;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id
KisLzN1UPrPGNXmfoPS3IDThFNrIiRHnE9c36Ft5hnOL07YviHFqZA==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
cookiepref.png
consent.trustarc.com/asset/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/cookiepref.png
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
e0a0340b7c912b0e1e0e020532b87affb27b7ae7be6ff084199800973a53ff6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 29 Mar 2024 05:58:19 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 9 Dec 2020 08:11:16 GMT
x-amz-cf-pop
FRA2-C2
age
2619
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
content-length
9270
x-amz-cf-id
q8l_iCMixOTYM-i-NcuTP3i_4YyTFEQU-Cn9kaSPYtdg75YMlTj55w==
noticemsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=molsoncoors.com&behavior=expressed&country=de&language=en&rand=0.18251448665851022&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW&referer=https://www.promorules.com
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
ZvS4BzRxsV04pUqzaB5pn-LMCkwa9-ctZjBINjhrjwrSfBa710-2QA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
coorslight.png
www.promorules.com/sites/promorules/files/styles/brands_logo/public/2022-10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promorules.com/sites/promorules/files/styles/brands_logo/public/2022-10/coorslight.png?itok=RoANs6FB
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
572aa67750b7badcab8743f73f7ab060d98c99c8aae03ef204431233e440cd7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5
date
Fri, 29 Mar 2024 06:41:58 GMT
via
varnish
x-content-type-options
nosniff
x-geo-country
DE
age
3264
x-cache
HIT
x-ah-environment
prod
content-length
8332
x-request-id
v-d71f7e90-ed8f-11ee-a5b2-d3c0e6d8b41e
last-modified
Tue, 11 Oct 2022 19:50:07 GMT
server
nginx
vary
X-Geo-Country
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Fri, 12 Apr 2024 05:47:34 GMT
RC000719e6854d4508a54aff480dee0970-source.min.js
assets.adobedtm.com/284fab1c816f/2dfc38bdc113/8f01b9e1465e/ 		1 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/284fab1c816f/2dfc38bdc113/8f01b9e1465e/RC000719e6854d4508a54aff480dee0970-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN52f76093b76140d396bf40eafb5c8e8b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
881fffa5c7add7590c2f5a2695e6688775e3e0a489439c57f2e779c9097cc2cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 06:41:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:47:47 GMT
server
AkamaiNetStorage
etag
"4646d0680f4fc772109c1ce90eb9c023:1682016467.071639"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.promorules.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
489
expires
Fri, 29 Mar 2024 07:41:58 GMT
cs
mcbc.blueconic.net/DG/DEFAULT/ 		16 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mcbc.blueconic.net/DG/DEFAULT/cs?&callback=bc_json490
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.236.77.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-169.compute-1.amazonaws.com
Software
- /
Resource Hash
660e9d26f994c4bf7e76cf66cf2f05609410a183b883935b6bd8adad8c0248f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 06:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
https%3A%2F%2Fwww.promorules.com%2Fmk258714
d.turn.com/r/dd/id/L21rdC85MjMvY2lkLzE3NDkxMjQ2NjUvdC8w/cat/millercoorspromocom/qry/ 		377 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC85MjMvY2lkLzE3NDkxMjQ2NjUvdC8w/cat/millercoorspromocom/qry/https%3A%2F%2Fwww.promorules.com%2Fmk258714
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
83334c02a111885a77a7d8834664952d1fcbf7066366282cc74f6cef6150447e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript;charset=UTF-8
pragma
no-cache
date
Fri, 29 Mar 2024 06:41:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
377
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
489
23-bc.promorules.com/DG/DEFAULT/rest/rpc/ 		110 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/DG/DEFAULT/rest/rpc/489?referer=https%3A%2F%2Fwww.promorules.com%2Fmk258714%3Fcid%3Dsfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&bcsessionid=&bctempid=&overruleReferrer=&time=2024-03-29T07%3A41%3A59%2B01%3A00&ts=1711694519156
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
77bc9cd90b3406379c6c879396a9635c36269f8a89c21d8d84ab66aeadd5ead0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
10268
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
LT-ceNWdEAB8DuSRYmRDNVqbsTqpOte1SK3pTlIC-2aVuHjqRtWa_g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
nr-rum-1.253.0.min.js
js-agent.newrelic.com/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.253.0.min.js
Requested by
Host: www.promorules.com
URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
Origin
https://www.promorules.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TgvqgvoYAHsERQ1.OBrfuMt0ieYpGWt5
content-encoding
br
via
1.1 varnish
date
Fri, 29 Mar 2024 06:41:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
D657V5J8Y4EVFV7M
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15820
x-amz-id-2
xFQplmUzrCzfAzIb8asFlkIvZk+OssPY1h6ccxBbUBcncCHXlrVcdvUyi0aQtdRCGqsM1HNhViQ=
x-served-by
cache-fra-eddf8230100-FRA
last-modified
Wed, 13 Mar 2024 21:07:25 GMT
server
AmazonS3
etag
"25a03a86ccddb342618e06f726d40778"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
15285
favicon_0_0.png
www.promorules.com/sites/promorules/files/ 		954 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.promorules.com/sites/promorules/files/favicon_0_0.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.186.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-186-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a0ca0203d83a13fafddc90c80cf38c2bd54a2cb8e5e919383d2031aeec05fa14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 11 Apr 2024 16:28:53 GMT
date
Fri, 29 Mar 2024 06:41:59 GMT
via
varnish
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2017 22:23:41 GMT
server
nginx
age
51185
x-cache
HIT
content-type
image/png
cache-control
max-age=1209600
x-ah-environment
prod
accept-ranges
bytes
content-length
954
x-request-id
v-44540384-ed20-11ee-8cdd-1f075c663bb9
x-cache-hits
826
173f877119
bam.nr-data.net/1/ 		136 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/173f877119?a=995833968&v=1.253.0&to=NFwEY0FWWEIHAhZcWQ0WJ1RHXllfSREDUlM8WgdUW1I%3D&rst=923&ck=0&s=93a6c57f4be5214d&ref=https://www.promorules.com/mk258714&hr=0&qt=12&ap=41&be=249&fe=590&dc=163&at=GBsHFQlMS0w%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1711694518327,%22n%22:0,%22u%22:256,%22ue%22:256,%22f%22:72,%22dn%22:72,%22dne%22:72,%22c%22:72,%22s%22:72,%22ce%22:72,%22rq%22:73,%22rp%22:249,%22rpe%22:257,%22di%22:410,%22ds%22:410,%22de%22:412,%22dc%22:831,%22l%22:831,%22le%22:839%7D,%22navigation%22:%7B%7D%7D&fp=426&fcp=426
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.253.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93f2069d7c684f72483bbd4414d1fb1b6272ae324021c2ddd58f3ab462130bd5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:42:00 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.promorules.com
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://www.promorules.com
Content-Length
136
x-served-by
cache-fra-eddf8230159-FRA
5e797c9daa2b8998896ec18ff4b4b11d
23-bc.promorules.com/plugin/plugin/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/plugin/plugin/5e797c9daa2b8998896ec18ff4b4b11d
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
7a2ef8477c2778ac264ec9172c474ef9ca6bb789ce5a66bf98ceac375ef21177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 06 Mar 2024 08:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
age
1980251
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
15287
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 08:37:48 GMT
server
-
etag
5e797c9daa2b8998896ec18ff4b4b11d
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
L7SfNk6X2hubf4lfAdRZZBM3Rrt-vehuzlqC6f2ZPWh0Cdatu5wrYw==
expires
Thu, 06 Mar 2025 08:37:48 GMT
d2561cc7016f274bb0607fa96f12386c
23-bc.promorules.com/plugin/library/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/plugin/library/d2561cc7016f274bb0607fa96f12386c
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
cbb9939d6c6aa40de228f8050d99fefcdbbd4b058513b82c5a148c6ae0d1100c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 06 Mar 2024 08:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
age
1980250
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42140
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 08:37:49 GMT
server
-
etag
d2561cc7016f274bb0607fa96f12386c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
iUHSkYXWYC3tfIr37kn4XH9-nP1hR4Ku82htEH3JPC6A1gCdo8cUUA==
expires
Thu, 06 Mar 2025 08:37:49 GMT
LB-Zone-2
23-bc.promorules.com/DG/DEFAULT/rest/rpc/489/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/DG/DEFAULT/rest/rpc/489/LB-Zone-2?referer=https%3A%2F%2Fwww.promorules.com%2Fmk258714%3Fcid%3Dsfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&bcsessionid=&bctempid=0c26aab1-6dfa-457f-a2d8-7ed9f19b4066&overruleReferrer=&time=2024-03-29T07%3A41%3A59%2B01%3A00&ts=1711694519594
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
04909546201eee98724e9032802518048678f2118d0130d3d4af98a95f4ab8ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
671
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
qLag7HMDb5DTYacmVJ5zYWz1qJEdbuDG9-mN5LxDMumI66OWc-OUTw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
489
23-bc.promorules.com/DG/DEFAULT/rest/rpc/ 		667 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/DG/DEFAULT/rest/rpc/489?referer=https%3A%2F%2Fwww.promorules.com%2Fmk258714%3Fcid%3Dsfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&bcsessionid=0c26aab1-6dfa-457f-a2d8-7ed9f19b4066&bctempid=&overruleReferrer=&time=2024-03-29T07%3A41%3A59%2B01%3A00&ts=1711694519927
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
ea6d18a20130b7121212f4a3d809dcd9edb83be645da81e9aed5ff40d342b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
197
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
foojZ-7sYzIGi2cw7aHb0Psca9MBpHKQJ3F1KgzigcPva7SUvnF6Nw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
489
23-bc.promorules.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/DG/DEFAULT/rest/rpc/489?referer=https%3A%2F%2Fwww.promorules.com%2Fmk258714%3Fcid%3Dsfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&bcsessionid=0c26aab1-6dfa-457f-a2d8-7ed9f19b4066&bctempid=&overruleReferrer=&time=2024-03-29T07%3A41%3A59%2B01%3A00&ts=1711694519929
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
2893fde05cd30d745c5e0ebf14ba52f0fc7a4aa2043389b4debddae101df7f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
vQ8VDY17lZDmndK8kGc0jBl6cvQhmHAcracNzh0JWarHBJIGfJRMhw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
mcbc.blueconic.net/DG/DEFAULT/ 		66 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mcbc.blueconic.net/DG/DEFAULT/cs?bcsessionid=0c26aab1-6dfa-457f-a2d8-7ed9f19b4066&&callback=bc_json491
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.236.77.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-169.compute-1.amazonaws.com
Software
- /
Resource Hash
c5f32d282769a5c43fa987d4f62d0ae9bd9a65ddf6bbf3409cf75b0a5bb3eb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 06:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
489
23-bc.promorules.com/DG/DEFAULT/rest/rpc/ 		223 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://23-bc.promorules.com/DG/DEFAULT/rest/rpc/489?referer=https%3A%2F%2Fwww.promorules.com%2Fmk258714%3Fcid%3Dsfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&bcsessionid=0c26aab1-6dfa-457f-a2d8-7ed9f19b4066&bctempid=&overruleReferrer=&time=2024-03-29T07%3A41%3A59%2B01%3A00&ts=1711694519975
Requested by
Host: 23-bc.promorules.com
URL: https://23-bc.promorules.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-117.fra60.r.cloudfront.net
Software
- /
Resource Hash
efb75b6bcaa974911d8de538f6faa605789ba0b321958715f26fded6ec8ca265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.promorules.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Mar 2024 06:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
184
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promorules.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
v-t9RAGHI1WBi0wGaz5iFk7Jt-mn6JXrmjcikPHV--yykio5W9JOKQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
millercoors.demdex.net
URL
https://millercoors.demdex.net/dest5.html?d_nsid=0
Domain
cm.everesttech.net
URL
https://cm.everesttech.net/cm/dd?d_uuid=14900352012957948933516579945348464917
Domain
consent-pref.trustarc.com
URL
https://consent-pref.trustarc.com/?layout=gdpr&type=molsoncoors_prod&site=molsoncoors.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=892e1ade-64a1-4a65-8c68-f90e515f3b0d&userType=NEW

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal object| NREUM object| webpackChunk:NRBA-1.253.0.PROD object| newrelic object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| _truste_eumap object| truste string| $temp_externalcss function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| mcFramework string| startyear string| endyear object| dat number| curday number| curmon number| curyear function| checkleapyear function| DaysInMonth function| datediff function| _getExpirationDate function| initMobiScroll string| _lang undefined| $ function| jQuery object| drupalSettings object| Drupal object| mcHandleWebServiceCallback number| c_start number| c_end object| blueConicPreListeners function| BCClass object| blueConicClient object| _STATE function| runOnce object| bc_json490 object| justDetectAdblock function| RuleService object| bcConnectionUtil object| bc_json491

14 Cookies

Domain/Path Name / Value
23-bc.promorules.com/DG/DEFAULT Name: BCSessionID
Value: 0c26aab1-6dfa-457f-a2d8-7ed9f19b4066
mcbc.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 0c26aab1-6dfa-457f-a2d8-7ed9f19b4066
www.promorules.com/ Name: av
Value: true
.promorules.com/ Name: TAsessionID
Value: 892e1ade-64a1-4a65-8c68-f90e515f3b0d|NEW
.demdex.net/ Name: demdex
Value: 14900352012957948933516579945348464917
.promorules.com/ Name: AMCVS_8AE2C8AD54E65FB30A4C98A6%40AdobeOrg
Value: 1
.promorules.com/ Name: AMCV_8AE2C8AD54E65FB30A4C98A6%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19812%7CMCMID%7C14866546150049450993513201009063287059%7CMCAAMLH-1712299318%7C6%7CMCAAMB-1712299318%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1711701718s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.promorules.com/ Name: notice_behavior
Value: expressed,eu
.turn.com/ Name: uid
Value: 7778739136970558792
www.promorules.com/ Name: fpcid
Value: 3370501764370992761_FPD
www.promorules.com/ Name: BCSessionID
Value: 0c26aab1-6dfa-457f-a2d8-7ed9f19b4066
mcbc.blueconic.net/ Name: AWSALBCORS
Value: jq+TNKnU+UP+vIZ7bmR3idcgEtpxnRRYFyhOaDingGAHzOVpihAoi4KOdapzbbzsnEJiin4DI1L49GgYJydQ9+l2C5kYBNO0/qgTDzafQioWeSofdtqH5qtu/ClV
23-bc.promorules.com/ Name: AWSALB
Value: +bUJSQeqfjaQ1uHmBiJF7WYYRWci3Q/4844ZwR09REmpDNt7dVty8C3KqJZWif8DEFMS+UYQIyRfGz8CwBJd0vbZWlkIxmKxTB+6CPfrO1Moyyz5RNsKSIerLlFe
23-bc.promorules.com/ Name: AWSALBCORS
Value: +bUJSQeqfjaQ1uHmBiJF7WYYRWci3Q/4844ZwR09REmpDNt7dVty8C3KqJZWif8DEFMS+UYQIyRfGz8CwBJd0vbZWlkIxmKxTB+6CPfrO1Moyyz5RNsKSIerLlFe

6 Console Messages

Source Level URL
Text
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness&non-gate=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.promorules.com/mk258714?cid=sfmc_email_owned_nat_non-shop_cl_dlybby-march-madness
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23-bc.promorules.com
assets.adobedtm.com
bam.nr-data.net
click.comm.coorsbrewing.com
cm.everesttech.net
consent-pref.trustarc.com
consent.trustarc.com
d.turn.com
dpm.demdex.net
js-agent.newrelic.com
mcbc.blueconic.net
millerbrewingcompany.122.2o7.net
millercoors.demdex.net
www.promorules.com
cm.everesttech.net
consent-pref.trustarc.com
millercoors.demdex.net
13.111.159.111
13.225.78.35
162.247.243.29
18.66.147.117
184.73.186.78
2001:678:cb4:bbbb::13
2602:816:5001::39
2a02:26f0:3500:587::1e80
34.236.77.169
34.247.72.3
52.222.236.95
63.140.62.27
04909546201eee98724e9032802518048678f2118d0130d3d4af98a95f4ab8ff
1bb360a74a6a4e472e6915c92ce76df4d1ce6f178caf6886f0c7eb4bea00605c
2893fde05cd30d745c5e0ebf14ba52f0fc7a4aa2043389b4debddae101df7f54
2c41784d154caaf4f1eb8ec713e55b10d222acedc560dc3a73e981803c1ca925
572aa67750b7badcab8743f73f7ab060d98c99c8aae03ef204431233e440cd7e
660e9d26f994c4bf7e76cf66cf2f05609410a183b883935b6bd8adad8c0248f2
6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c
77bc9cd90b3406379c6c879396a9635c36269f8a89c21d8d84ab66aeadd5ead0
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
79c4875a0d56c371e813c58da1274c402cb409e46b28a27e6a3a0a08d6bd2c08
7a2ef8477c2778ac264ec9172c474ef9ca6bb789ce5a66bf98ceac375ef21177
7c073a7a38b600015134dbbb635f247a8a2c849c310d5fe5cf3ee6f6b808ff0f
83334c02a111885a77a7d8834664952d1fcbf7066366282cc74f6cef6150447e
839db27868c4378e108a918ca39f801ae107b2ee41659895c87d7b1245172989
881fffa5c7add7590c2f5a2695e6688775e3e0a489439c57f2e779c9097cc2cd
93f2069d7c684f72483bbd4414d1fb1b6272ae324021c2ddd58f3ab462130bd5
96c997db6fd2414e5258e6dbae89efe2b4109f9ee9ed5b4994949601beeaae8e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a0ca0203d83a13fafddc90c80cf38c2bd54a2cb8e5e919383d2031aeec05fa14
c09e58de41809b5ecabd9e8a0e86e5f858a1522a09e5bb4fd1cbcb13c88f3839
c5f32d282769a5c43fa987d4f62d0ae9bd9a65ddf6bbf3409cf75b0a5bb3eb42
cbb9939d6c6aa40de228f8050d99fefcdbbd4b058513b82c5a148c6ae0d1100c
cdf02ebb0229216dad811a85ab39273fd0760fe149fdab0f2575b4b0d0f95d5b
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e0a0340b7c912b0e1e0e020532b87affb27b7ae7be6ff084199800973a53ff6a
ea6d18a20130b7121212f4a3d809dcd9edb83be645da81e9aed5ff40d342b8ba
efb75b6bcaa974911d8de538f6faa605789ba0b321958715f26fded6ec8ca265