www.your-promos.com Open in urlscan Pro
108.128.72.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://w.dctw.io/eZiKIpbMrMIm
Effective URL:
https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Submission: On December 24 via manual (December 24th 2021, 5:17:29 am UTC) from MX — Scanned from DE

Summary HTTP 21 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 108.128.72.146, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.your-promos.com.
TLS certificate: Issued by R3 on November 11th 2021. Valid for: 3 months.

This is the only time www.your-promos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.73.26.109 54.73.26.109	16509 (AMAZON-02) (AMAZON-02)
1 2	108.128.72.146 108.128.72.146	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
10 10	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
10	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.218.30.186 52.218.30.186	16509 (AMAZON-02) (AMAZON-02)
21	6

1 54.73.26.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

w.dctw.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.72.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-72-146.eu-west-1.compute.amazonaws.com

www.your-promos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn3.ct-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany) 10 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.30.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

cool-tabs-eu.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fbsbx.com platform-lookaside.fbsbx.com	24 KB
10	facebook.com 10 redirects graph.facebook.com	2 KB
6	ct-assets.com cdn3.ct-assets.com	734 KB
2	amazonaws.com cool-tabs-eu.s3.amazonaws.com	446 KB
2	zencdn.net vjs.zencdn.net	65 KB
2	your-promos.com 1 redirects www.your-promos.com	15 KB
1	dctw.io 1 redirects w.dctw.io	222 B
21	7

	Domain	Requested by
10	platform-lookaside.fbsbx.com	www.your-promos.com
10	graph.facebook.com	10 redirects
6	cdn3.ct-assets.com	www.your-promos.com cdn3.ct-assets.com
2	cool-tabs-eu.s3.amazonaws.com	www.your-promos.com cdn3.ct-assets.com
2	vjs.zencdn.net
2	www.your-promos.com	1 redirects
1	w.dctw.io	1 redirects
21	7

This site contains links to these domains. Also see Links.

Domain
twitter.com
web.whatsapp.com
www.pinterest.com
www.facebook.com
w.dctw.io

Subject Issuer	Validity	Valid
www.your-promos.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
cdn3.ct-assets.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Frame ID: 87FD0AFFD9DA32867D4E4D308A13D79B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

¡PARTICIPA Y ÁRMALA CON BOING!

Page URL History Show full URLs

https://w.dctw.io/eZiKIpbMrMIm HTTP 302
https://www.your-promos.com/part/108074283 HTTP 302
https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de Page URL

Page Statistics

21
Requests

52 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

1284 kB
Transfer

3737 kB
Size

1
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?count=none&lang=es&text=%C2%A1PARTICIPA+Y+%C3%81RMALA+CON+BOING%21&url=https%3A%2F%2Fwww.your-promos.com%2Fpub%2Farmala-con-boing%3Futm_medium%3Dtwitter%26utm_source%3Dtwitter%26v%3D4cc18&via=BoingOficial_Mx

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%C2%A1PARTICIPA%20Y%20%C3%81RMALA%20CON%20BOING%21%0A%0Ahttps%3A%2F%2Fwww.your-promos.com%2Fpub%2Farmala-con-boing%3Futm_medium%3Dwhatsapp%26utm_source%3Dwhatsapp%26v%3D4cc18

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?description=&media=https%3A%2F%2Fuploads3.ct-assets.com%2Fassets%2Fshare_to_wall_images%2Fc43ff92a23e34d988251ecbad23892e8%2Fbig_IMG_2836.jpg&url=https%3A%2F%2Fwww.your-promos.com%2Fpub%2Farmala-con-boing%3Futm_medium%3Dpinterest%26utm_source%3Dpinterest%26v%3D4cc18

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10226176812424593

Search URL Search Domain Scan URL

URL: https://twitter.com/share?count=none&lang=es&text=%C2%A1PARTICIPA+Y+%C3%81RMALA+CON+BOING%21&url=https%3A%2F%2Fw.dctw.io%2F6oiZIv8nmnIk&via=BoingOficial_Mx

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%C2%A1PARTICIPA%20Y%20%C3%81RMALA%20CON%20BOING%21%0A%0Ahttps%3A%2F%2Fw.dctw.io%2FNPimIB7eZeUQ

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?description=&media=https%3A%2F%2Fcool-tabs-eu.s3.amazonaws.com%2Fassets%2Fparticipation_images%2F15d231df1d1448b3bf324053c599e252%2F%3Aoriginal_IMG_20211223_075132.jpg&url=https%3A%2F%2Fwww.your-promos.com%2Fpart%2F108074283%3Futm_medium%3Dpinterest%26utm_source%3Dpinterest

Search URL Search Domain Scan URL

URL: https://w.dctw.io/eZiKIpbMrMIm
Title: https://w.dctw.io/eZiKIpbMrMIm

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10226827592826089

Search URL Search Domain Scan URL

URL: https://www.facebook.com/434843781520655

Search URL Search Domain Scan URL

URL: https://www.facebook.com/273188418206286

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10225127922132374

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10224377934969422

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10226730719876190

Search URL Search Domain Scan URL

URL: https://www.facebook.com/4534383243282834

Search URL Search Domain Scan URL

URL: https://www.facebook.com/10159108468513451

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://w.dctw.io/eZiKIpbMrMIm HTTP 302
https://www.your-promos.com/part/108074283 HTTP 302
https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://graph.facebook.com/10226176812424593/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xs5dI

Request Chain 11

https://graph.facebook.com/10226827592826089/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226827592826089&width=80&ext=1642915044&hash=AeRvZlE7lK5KZm9TpDQ

Request Chain 12

https://graph.facebook.com/434843781520655/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=434843781520655&width=80&ext=1642915044&hash=AeTrqqpfzUoJFis4fwY

Request Chain 13

https://graph.facebook.com/273188418206286/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=273188418206286&width=80&ext=1642915044&hash=AeTW-6uoRLWQMxJTJVY

Request Chain 14

https://graph.facebook.com/10225127922132374/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10225127922132374&width=80&ext=1642915044&hash=AeSE1zjxsFdgc_IlMAY

Request Chain 15

https://graph.facebook.com/10224377934969422/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10224377934969422&width=80&ext=1642915044&hash=AeSVjR-vEc2qoeIBao4

Request Chain 16

https://graph.facebook.com/10226730719876190/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226730719876190&width=80&ext=1642915044&hash=AeTn5ZUfRAVFdzBXjxg

Request Chain 17

https://graph.facebook.com/4534383243282834/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4534383243282834&width=80&ext=1642915044&hash=AeQ8X6QXm2ON6iP6zGQ

Request Chain 18

https://graph.facebook.com/10159108468513451/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10159108468513451&width=80&ext=1642915044&hash=AeSKYkcW3-89gu0eEUw

Request Chain 19

https://graph.facebook.com/10226176812424593/picture?width=80 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xsL5Y

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 108074283 Show response
www.your-promos.com/promos/armala-con-boing/participations/
Redirect Chain

https://w.dctw.io/eZiKIpbMrMIm
https://www.your-promos.com/part/108074283
https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de

78 KB
15 KB

135ms
135ms

Document
text/html

108.128.72.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-72-146.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

3b30ea219d6ce22e8185f97ec5e7ad6389e42b360b955506562275ece7c806ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Cowboy
Connection: keep-alive
X-Frame-Options: ALLOWALL
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Link: <//vjs.zencdn.net/6.7/video-js.min.css>; rel=preload; as=style; nopush,<//vjs.zencdn.net/6.7/video.min.js>; rel=preload; as=script; nopush,<https://cdn3.ct-assets.com/assets/new-promos/stylesheets.ie-29cf496af8e6a07983ecf7590015c2c8096121a28785548b4a1e44b29ec24e10.css>; rel=preload; as=style; nopush,<https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css>; rel=preload; as=style; nopush,<https://cdn3.ct-assets.com/assets/new-promos/all.fn-54f9c07543f5e744c2191e9a82c8f574e9d5a9bb2e73bb7984ff367737d97150.js>; rel=preload; as=script; nopush
Content-Type: text/html; charset=utf-8
Etag: W/"ed9d12a227012ebbae0abdd1c7e3d9a7"
Last-Modified: Fri, 24 Dec 2021 05:00:46 GMT
Cache-Control: public
Vary: Accept-Encoding
Content-Encoding: gzip
X-Request-Id: 8672d841-cb65-470f-b5fe-86c9efb190b6
X-Runtime: 0.092905
Date: Fri, 24 Dec 2021 05:17:23 GMT
X-Content-Digest: 0132b6a14053d405872e2ebf693d4d3b0a66ca74
Age: 0
X-Rack-Cache: miss, ignore, store
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Length: 13590
Via: 1.1 vegur

Redirect headers

Server: Cowboy
Connection: keep-alive
X-Frame-Options: ALLOWALL
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
X-Request-Id: 5bd7ba40-eaf8-430c-bb79-ce288baaf22e
X-Runtime: 0.030712
Date: Fri, 24 Dec 2021 05:17:23 GMT
X-Rack-Cache: miss
Strict-Transport-Security: max-age=86400; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 video-js.min.css
vjs.zencdn.net/6.7/ 47 KB
15 KB 40ms
17ms Stylesheet
text/css 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/6.7/video-js.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d7ce0df74fd071fe70ab8a95435c2cc417415d1b15078a493f3453a2876bae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:23 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 17:03:13 GMT
etag: "37b55a1e0cae75b970e8d66367fb9d79"
x-served-by: cache-fra19181-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
timing-allow-origin: *
content-length: 15111
x-cache-hits: 1

GET
H2 200 video.min.js Show response
vjs.zencdn.net/6.7/ 189 KB
50 KB 28ms
6ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/6.7/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f021274069e7e6734bd5d2128078f6f63fbf326bbc2766e73be14a0a9d8e379d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:23 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 17:03:13 GMT
etag: "7bba6223f3ca40fdbac2b3e6cbfc3fe1"
x-served-by: cache-fra19181-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
timing-allow-origin: *
content-length: 51092
x-cache-hits: 2

GET
H2 200 stylesheets.ie-29cf496af8e6a07983ecf7590015c2c8096121a28785548b4a1e44b29ec24e10.css
cdn3.ct-assets.com/assets/new-promos/ 123 B
339 B 87ms
22ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/new-promos/stylesheets.ie-29cf496af8e6a07983ecf7590015c2c8096121a28785548b4a1e44b29ec24e10.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

1d4f76c658f4e6303ff56510c0b701b49905c106126f9d22ee5e4ec8c28fef0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 13:47:48 GMT
server: Cowboy
etag: "1637675268"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds007.ml1.hn,1640323044.cds214.ml1.c
content-type: text/css
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 112
via: 1.1 vegur

GET
H2 200 stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css
cdn3.ct-assets.com/assets/new-promos/ 431 KB
68 KB 87ms
23ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2eefb8bdeaf91e1284b9aa3c6530cc37e8cb3eb810292a9056ac227eb3c8fcc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 07:07:40 GMT
server: Cowboy
etag: "1640243260"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds007.ml1.hn,1640323044.cds206.ml1.c
content-type: text/css
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 69880
via: 1.1 vegur

GET
H2 200 all.fn-54f9c07543f5e744c2191e9a82c8f574e9d5a9bb2e73bb7984ff367737d97150.js Show response
cdn3.ct-assets.com/assets/new-promos/ 2 MB
500 KB 106ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/new-promos/all.fn-54f9c07543f5e744c2191e9a82c8f574e9d5a9bb2e73bb7984ff367737d97150.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

c548773755fa2d4c7c186070b5d97dd2a44eb7d0a000d3ee7e68b4c06cb924cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 07:07:40 GMT
server: Cowboy
etag: "1640243260"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds007.ml1.hn,1640323044.cds216.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 511167
via: 1.1 vegur

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 klaro-custom-242b2f14557d86c0e3fb1b0b4891c19688f106e912317167274a3db270f11b87.js Show response
cdn3.ct-assets.com/assets/ 322 KB
73 KB 103ms
63ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/klaro-custom-242b2f14557d86c0e3fb1b0b4891c19688f106e912317167274a3db270f11b87.js

Requested by

Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b12957d75eed6943f302d7f135956e762460d570ee63f37ec1533b0412d53424

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 13:47:49 GMT
server: Cowboy
etag: "1637675269"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds007.ml1.hn,1640323044.cds224.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 74117
via: 1.1 vegur

GET
H2 200 leaguegothic-regular-webfont-92ffe371d38357effec806e1ef47a19ab18512cdc9027ce44b50017bb406b62a.woff
cdn3.ct-assets.com/assets/ 19 KB
19 KB 84ms
28ms Font
application/font-woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/leaguegothic-regular-webfont-92ffe371d38357effec806e1ef47a19ab18512cdc9027ce44b50017bb406b62a.woff

Requested by

Host: cdn3.ct-assets.com
URL: https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

9e7726e2d42ed412e308d089ecffe3fd211fb56b4b273a3caeaa2a175fba744f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css
Origin: https://www.your-promos.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
via: 1.1 vegur
last-modified: Tue, 23 Nov 2021 13:47:48 GMT
server: Cowboy
etag: "1637675268"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds031.ml1.hn,1640323044.cds003.ml1.c
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 19548

GET
H2 200 fa-solid-900-beec083729ca494fa944cbf6b43370ac018d3106f26f521ebe6a1f1b3e059016.woff2
cdn3.ct-assets.com/assets/ 74 KB
74 KB 95ms
41ms Font
application/font-woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.ct-assets.com/assets/fa-solid-900-beec083729ca494fa944cbf6b43370ac018d3106f26f521ebe6a1f1b3e059016.woff2

Requested by

Host: cdn3.ct-assets.com
URL: https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cowboy /

Resource Hash

cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://cdn3.ct-assets.com/assets/new-promos/stylesheets-b505047d672c12ee047fa603d0b066d9c04079fb7113630a0e083677ae8efd7b.css
Origin: https://www.your-promos.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 05:17:24 GMT
via: 1.1 vegur
last-modified: Tue, 23 Nov 2021 13:47:47 GMT
server: Cowboy
etag: "1637675267"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1640323044.cds031.ml1.hn,1640323044.cds022.ml1.c
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, s-maxage=31556952, max-age=2592000
accept-ranges: bytes
content-length: 75440

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10226176812424593/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xs5dI

2 KB
2 KB

78ms
51ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xs5dI
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b230a82d92ddab1b4a55bf4a4895b12042a40ac790660b56bd1f5f2da8f316da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 580481134
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Sat, 29 May 2021 19:55:55 GMT
x-needle-checksum: 3314444223
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2003

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: G2ilDfA8MuOCbXMQtqiobIGLn8rCXpvFNldkJJv8tLbALHbddw4aB3wH9IB6BSphsr2Js9NVqCAlrCaM7P9FOg==
x-fb-trace-id: GgZ7k6zUCmC
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xs5dI
x-fb-request-id: AGWQfPCMTAvoFSyVeeXpGgD
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK :original_IMG_20211223_075132.jpg
cool-tabs-eu.s3.amazonaws.com/assets/participation_images/15d231df1d1448b3bf324053c599e252/ 223 KB
223 KB 184ms
80ms Image
image/jpeg 52.218.30.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cool-tabs-eu.s3.amazonaws.com/assets/participation_images/15d231df1d1448b3bf324053c599e252/:original_IMG_20211223_075132.jpg
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 940d136d07d59d93e0cdb5613b6f5aac4a2717fe168e9bdc777aea6b52f4337d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 24 Dec 2021 05:17:25 GMT
Last-Modified: Thu, 23 Dec 2021 13:53:31 GMT
Server: AmazonS3
x-amz-request-id: BRJ8BX0DNMR82A8D
ETag: "f951e7d1717c0ea64594ce23100431f4"
Content-Type: image/jpeg
Cache-Control: public,max-age=31536001
Accept-Ranges: bytes
Content-Length: 228070
x-amz-id-2: Mz4y9evXzSybYG59ci0D4vn3oQ8pWc1JO5Wg8jDVugc4T16j/2OU7UhWWaPbVoXiIHwaeAPCT/E=

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10226827592826089/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226827592826089&width=80&ext=1642915044&hash=AeRvZlE7lK5KZm9TpDQ

2 KB
3 KB

173ms
146ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226827592826089&width=80&ext=1642915044&hash=AeRvZlE7lK5KZm9TpDQ
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d33f51b7ba044f881bbc82e933f530f9005fa18788682722f05f4548224e4e0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 668384153
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 21 Nov 2012 00:00:00 GMT
x-needle-checksum: 1389457111
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2552

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: qaNt3XBqlCpNKTa+Sz3spUO4atrsFBxeUGxivodC9NU7o96mVSJKCYqJqrhKScVz+v2MQYPBGLLPc/Xma9zKJw==
x-fb-trace-id: G2dMNRONscL
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226827592826089&width=80&ext=1642915044&hash=AeRvZlE7lK5KZm9TpDQ
x-fb-request-id: AT5jNzjboIQpy7wdIux5z8N
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/434843781520655/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=434843781520655&width=80&ext=1642915044&hash=AeTrqqpfzUoJFis4fwY

2 KB
2 KB

334ms
308ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=434843781520655&width=80&ext=1642915044&hash=AeTrqqpfzUoJFis4fwY
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 04196f98f34c8e4b811497c710a6517570506367fc3e2bfe99dab165fa965fac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 2476787327
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 29 Nov 2021 01:20:11 GMT
x-needle-checksum: 772690856
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2299

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: OaluSx8bfoPPxYJTt/LgeIB83sbWa4mi4/6aLOS3fjggjsHFmssXgDaCHlKvEAX3xRHXv2n5qzqYk6hv2Xpuvw==
x-fb-trace-id: Dkq9gakaT2b
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=434843781520655&width=80&ext=1642915044&hash=AeTrqqpfzUoJFis4fwY
x-fb-request-id: AtgaGZLUY2W6n0kCT9eHUFL
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/273188418206286/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=273188418206286&width=80&ext=1642915044&hash=AeTW-6uoRLWQMxJTJVY

3 KB
3 KB

406ms
379ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=273188418206286&width=80&ext=1642915044&hash=AeTW-6uoRLWQMxJTJVY
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ca838405109fefaa8f125eb4fab9ccd0aa4d18cf790b723473c2618162e0996e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 971921343
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Thu, 25 Mar 2021 18:10:49 GMT
x-needle-checksum: 3835163275
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2734

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: hMnL5YnlHKUoxO6QXk71B8zRUFf0IXGRxEHpvtLuAQJRr81Qt320NPCoXCSM61T8txF77APjCcBI+ISeTxS0Iw==
x-fb-trace-id: DkwSLLFMTLY
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=273188418206286&width=80&ext=1642915044&hash=AeTW-6uoRLWQMxJTJVY
x-fb-request-id: AAXfnOhJ46zcD6NKb72Jn0I
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10225127922132374/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10225127922132374&width=80&ext=1642915044&hash=AeSE1zjxsFdgc_IlMAY

2 KB
2 KB

257ms
230ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10225127922132374&width=80&ext=1642915044&hash=AeSE1zjxsFdgc_IlMAY
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 021c47f03fc2195c0d246786adcea4ca25d1808f9c86577285554c1af8a5fe49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 2945141253
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 06 May 2020 21:34:49 GMT
x-needle-checksum: 275280397
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2199

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tmh8dPwYIqjDBXInvSu2vjke2I4q0FkYAN6UoavFCMkyYzss9m6t+l+mbpYimCgGJOy4EeOhzfXRAHBr+ota2g==
x-fb-trace-id: Bfd58pZLPT5
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10225127922132374&width=80&ext=1642915044&hash=AeSE1zjxsFdgc_IlMAY
x-fb-request-id: ArpnKP0aIGcB9CZ1QRmgCmu
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10224377934969422/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10224377934969422&width=80&ext=1642915044&hash=AeSVjR-vEc2qoeIBao4

3 KB
3 KB

401ms
374ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10224377934969422&width=80&ext=1642915044&hash=AeSVjR-vEc2qoeIBao4
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fbe9a5fa85383fcd8a4b10a88a619197d93fed0b4b54b072bdf13981343fd651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 1600253691
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Sun, 22 Dec 2019 23:43:28 GMT
x-needle-checksum: 3477031037
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
accept-ranges: bytes
content-length: 2953

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TN/z+N0tp+LcX2LqvhQvDVZ52S+9f7m4cYg/IVNwunq8D/d68KloPgW8zriNZF1EJDPdrbl28EOVSi6J0VZ/qg==
x-fb-trace-id: At+s4O5qs4R
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10224377934969422&width=80&ext=1642915044&hash=AeSVjR-vEc2qoeIBao4
x-fb-request-id: AGP20Pr-DqcGMDylaBbobcR
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10226730719876190/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226730719876190&width=80&ext=1642915044&hash=AeTn5ZUfRAVFdzBXjxg

2 KB
2 KB

230ms
229ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226730719876190&width=80&ext=1642915044&hash=AeTn5ZUfRAVFdzBXjxg
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0881f7e448af2a7b5e095cbfb79efdd0e126b7134d0dab88f10f84eb807a35a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 77131625
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Sat, 24 Apr 2021 22:35:24 GMT
x-needle-checksum: 160179673
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 1820

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: kwlHoMe4+BTrYoqtvYU+FfVA5k74GeYIM+qPa0Foh8+mVVvClireY3Tz1ey3m0aCxjV51XFoA1Bds+HkiCF9pA==
x-fb-trace-id: FO3vGwkI/Gd
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226730719876190&width=80&ext=1642915044&hash=AeTn5ZUfRAVFdzBXjxg
x-fb-request-id: AePzmjRFIDdPFik3bAk6TNZ
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/4534383243282834/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4534383243282834&width=80&ext=1642915044&hash=AeQ8X6QXm2ON6iP6zGQ

3 KB
3 KB

252ms
252ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4534383243282834&width=80&ext=1642915044&hash=AeQ8X6QXm2ON6iP6zGQ
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2713c05bc6baf5cb377e054712bd544cd4d7cfb8d66c0e8752c2fe74688d183d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 2214349733
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 10 Nov 2021 13:54:08 GMT
x-needle-checksum: 2449612033
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2986

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 55XdwA+LTq3VkdHwV7/3WWVDpX6yZmu+cMWjClTHkF0oYqOK/svMvjXSab68PncSkSZsgXWjsLV3PNmrN7F4/g==
x-fb-trace-id: DwzeLlr0KKJ
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4534383243282834&width=80&ext=1642915044&hash=AeQ8X6QXm2ON6iP6zGQ
x-fb-request-id: AlR8POvDKTcfRWECGHusT-3
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10159108468513451/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10159108468513451&width=80&ext=1642915044&hash=AeSKYkcW3-89gu0eEUw

2 KB
2 KB

196ms
194ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10159108468513451&width=80&ext=1642915044&hash=AeSKYkcW3-89gu0eEUw
Requested by: Host: www.your-promos.com
URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 48e245df2a305f512e9b4ecc7f4318a37c14a1edde32d42a3fe9d236960c2432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 2690573659
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 08 Apr 2014 23:30:36 GMT
x-needle-checksum: 1320491839
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2287

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: kiMIBp7s1WIfExYSp3xqt2+qZwE7+GNY7QNtAL2DKwOqTz74qCH3LYlGAXkUybdGwdY/FSNBYY2yeBR29FdYjQ==
x-fb-trace-id: EEoLcsdqrP7
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10159108468513451&width=80&ext=1642915044&hash=AeSKYkcW3-89gu0eEUw
x-fb-request-id: A3GdwNY1AcfVwNlphASdbhl
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/10226176812424593/picture?width=80
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xsL5Y

2 KB
2 KB

30ms
29ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xsL5Y
Protocol: H2
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b230a82d92ddab1b4a55bf4a4895b12042a40ac790660b56bd1f5f2da8f316da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum: 580481134
date: Fri, 24 Dec 2021 05:17:24 GMT
x-fb-trip-id: 917726464
last-modified: Sat, 29 May 2021 19:55:55 GMT
x-needle-checksum: 3314444223
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 2003

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1004896088
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: FNVvBnJ5Prf0M5i09gb2i0qh+5Wi1QrKs2ayseVDAN/J5FViRfmwXfC5Or3xxROyZHnyBPXUeaM2WQzGKIouZA==
x-fb-trace-id: ARx/bHE0MxP
date: Fri, 24 Dec 2021 05:17:24 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10226176812424593&width=80&ext=1642915044&hash=AeSke_xWcooQD8xsL5Y
x-fb-request-id: AT5oHfDCiEp_yFHV9qGvwH0
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v5.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK :original_IMG_20211223_075132.jpg
cool-tabs-eu.s3.amazonaws.com/assets/participation_images/15d231df1d1448b3bf324053c599e252/ 223 KB
223 KB 40ms
40ms Image
image/jpeg 52.218.30.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cool-tabs-eu.s3.amazonaws.com/assets/participation_images/15d231df1d1448b3bf324053c599e252/:original_IMG_20211223_075132.jpg
Requested by: Host: cdn3.ct-assets.com
URL: https://cdn3.ct-assets.com/assets/new-promos/all.fn-54f9c07543f5e744c2191e9a82c8f574e9d5a9bb2e73bb7984ff367737d97150.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 940d136d07d59d93e0cdb5613b6f5aac4a2717fe168e9bdc777aea6b52f4337d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.your-promos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 24 Dec 2021 05:17:25 GMT
Last-Modified: Thu, 23 Dec 2021 13:53:31 GMT
Server: AmazonS3
x-amz-request-id: BRJ5PTG6HCE2VDY5
ETag: "f951e7d1717c0ea64594ce23100431f4"
Content-Type: image/jpeg
Cache-Control: public,max-age=31536001
Accept-Ranges: bytes
Content-Length: 228070
x-amz-id-2: PO8dXY7kqRbM1pyuf99rPjsDDHKK7rFkAUb0bdfd6CbvLqEjSxyVQAyvo9GOKLTA6P6Z7S1UYRw=

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.your-promos.com/	1970-01-19 23:41:35	Name: ref241186 Value: 10226176812424593

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn3.ct-assets.com/assets/new-promos/all.fn-54f9c07543f5e744c2191e9a82c8f574e9d5a9bb2e73bb7984ff367737d97150.js(Line 18445) Message: The behavior that Selection.addRange() merges existing Range and the specified Range was removed. See https://www.chromestatus.com/features/6680566019653632 for more details.
javascript	warning	URL: https://www.your-promos.com/promos/armala-con-boing/participations/108074283?locale=de Message: The resource https://cdn3.ct-assets.com/assets/new-promos/stylesheets.ie-29cf496af8e6a07983ecf7590015c2c8096121a28785548b4a1e44b29ec24e10.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn3.ct-assets.com
cool-tabs-eu.s3.amazonaws.com
graph.facebook.com
platform-lookaside.fbsbx.com
vjs.zencdn.net
w.dctw.io
www.your-promos.com
108.128.72.146
151.139.128.11
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a04:4e42:200::729
52.218.30.186
54.73.26.109
021c47f03fc2195c0d246786adcea4ca25d1808f9c86577285554c1af8a5fe49
04196f98f34c8e4b811497c710a6517570506367fc3e2bfe99dab165fa965fac
0881f7e448af2a7b5e095cbfb79efdd0e126b7134d0dab88f10f84eb807a35a4
1d4f76c658f4e6303ff56510c0b701b49905c106126f9d22ee5e4ec8c28fef0b
2713c05bc6baf5cb377e054712bd544cd4d7cfb8d66c0e8752c2fe74688d183d
2eefb8bdeaf91e1284b9aa3c6530cc37e8cb3eb810292a9056ac227eb3c8fcc2
3b30ea219d6ce22e8185f97ec5e7ad6389e42b360b955506562275ece7c806ce
48e245df2a305f512e9b4ecc7f4318a37c14a1edde32d42a3fe9d236960c2432
940d136d07d59d93e0cdb5613b6f5aac4a2717fe168e9bdc777aea6b52f4337d
9d7ce0df74fd071fe70ab8a95435c2cc417415d1b15078a493f3453a2876bae6
9e7726e2d42ed412e308d089ecffe3fd211fb56b4b273a3caeaa2a175fba744f
b12957d75eed6943f302d7f135956e762460d570ee63f37ec1533b0412d53424
b230a82d92ddab1b4a55bf4a4895b12042a40ac790660b56bd1f5f2da8f316da
c548773755fa2d4c7c186070b5d97dd2a44eb7d0a000d3ee7e68b4c06cb924cd
ca838405109fefaa8f125eb4fab9ccd0aa4d18cf790b723473c2618162e0996e
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d33f51b7ba044f881bbc82e933f530f9005fa18788682722f05f4548224e4e0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f021274069e7e6734bd5d2128078f6f63fbf326bbc2766e73be14a0a9d8e379d
fbe9a5fa85383fcd8a4b10a88a619197d93fed0b4b54b072bdf13981343fd651

www.your-promos.com Open in urlscan Pro 108.128.72.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

52 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

6 IPs

3 Countries

1284 kBTransfer

3737 kBSize

1 Cookies

16 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

1 Cookies

www.your-promos.com Open in urlscan Pro
108.128.72.146 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

52 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

1284 kB
Transfer

3737 kB
Size

1
Cookies

21 HTTP transactions
1 data transactions