trivia.corona.mx Open in urlscan Pro
45.60.34.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trivia.corona.mx/
Effective URL:
https://trivia.corona.mx/
Submission: On October 29 via api (October 29th 2021, 2:45:47 pm UTC) from US — Scanned from NL

Summary HTTP 50 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 50 HTTP transactions. The main IP is 45.60.34.211, located in United States and belongs to INCAPSULA, US. The main domain is trivia.corona.mx.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 14th 2021. Valid for: 10 months.

This is the only time trivia.corona.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	45.60.34.211 45.60.34.211	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	13.227.220.61 13.227.220.61	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:64:... 2a02:26f0:64::210:6bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.227.220.29 13.227.220.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.220.6 13.227.220.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.80.125.216 99.80.125.216	16509 (AMAZON-02) (AMAZON-02)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	52.17.176.161 52.17.176.161	16509 (AMAZON-02) (AMAZON-02)
50	20

15 45.60.34.211 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

trivia.corona.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.220.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-61.ams54.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6bb9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

onetrust.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Germany)

ASN60068 (CDN77 ^_^, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.220.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-29.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.220.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-6.ams54.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.125.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-125-216.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.176.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	corona.mx 1 redirects trivia.corona.mx	454 KB
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	179 KB
7	cookielaw.org cdn.cookielaw.org	103 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
2	facebook.com www.facebook.com	574 B
2	google.nl www.google.nl	608 B
2	doubleclick.net stats.g.doubleclick.net	498 B
2	google.com analytics.google.com www.google.com	848 B
2	facebook.net connect.facebook.net	114 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	128 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	smartlook.com rec.smartlook.com	9 KB
1	azureedge.net onetrust.azureedge.net	384 B
50	14

	Domain	Requested by
15	trivia.corona.mx	1 redirects trivia.corona.mx
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	cdn.krxd.net	trivia.corona.mx cdn.krxd.net
2	consumer.krxd.net	cdn.krxd.net
2	www.facebook.com	trivia.corona.mx
2	www.google.nl	trivia.corona.mx
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	trivia.corona.mx connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com trivia.corona.mx
2	www.googletagmanager.com	trivia.corona.mx www.googletagmanager.com
1	beacon.krxd.net	cdn.krxd.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.com	trivia.corona.mx
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	trivia.corona.mx
1	rec.smartlook.com	trivia.corona.mx
1	onetrust.azureedge.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
50	20

This site contains links to these domains. Also see Links.

Domain
www.tapintoyourbeer.com
www.instagram.com
www.facebook.com
twitter.com
portal.grupomodelo.com
www.ab-inbev.com
www.grupomodelo.com
www.trivia.corona.mx
onetrust.com

Subject Issuer	Validity	Valid
grupomodelo.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-14` - `2022-08-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
1610534878.rsc.cdn77.org R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-07` - `2021-11-05`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://trivia.corona.mx/
Frame ID: 433AFD7D7195D4D1E9A3F03FA89B7193
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 01CEAACE137513E7B2A2D631597DA543
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 7322F316763F2D88C8AC043915CFD9D1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ganate la sudadera con más brillo con esta trivia | Cerveza CoronaBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://trivia.corona.mx/ HTTP 301
https://trivia.corona.mx/ Page URL

Page Statistics

50
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

1072 kB
Transfer

2845 kB
Size

19
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tapintoyourbeer.com/age_check.cfm
Title: NO

Search URL Search Domain Scan URL

URL: https://www.instagram.com/corona_mx/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CoronaCeroMx/

Search URL Search Domain Scan URL

URL: https://twitter.com/CoronaCero

Search URL Search Domain Scan URL

URL: https://portal.grupomodelo.com/es/terminos.html
Title: TÉRMINOS Y CONDICIONES DE USO

Search URL Search Domain Scan URL

URL: https://www.ab-inbev.com/
Title: Anheuser-Busch InBev © 2020

Search URL Search Domain Scan URL

URL: https://www.grupomodelo.com/abilegal/politica-deproteccion-de-datos-personales
Title: AVISO DE PRIVACIDAD

Search URL Search Domain Scan URL

URL: https://www.tapintoyourbeer.com/
Title: TAP INTO YOUR BEER

Search URL Search Domain Scan URL

URL: https://portal.grupomodelo.com/es/noticias/contactanos
Title: CONTÁCTENOS

Search URL Search Domain Scan URL

URL: https://www.trivia.corona.mx/documents/aviso_de_privacidad.pdf
Title: Políticas de Privacidad

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trivia.corona.mx/ HTTP 301
https://trivia.corona.mx/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
trivia.corona.mx/
Redirect Chain

http://trivia.corona.mx/
https://trivia.corona.mx/

2 KB
2 KB

269ms
233ms

Document
text/html

45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a15649a254fed8c04fcc33fb4610260d934758fb06d9ff086b94def9a8a7be2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Cache-Control: must-revalidate, max-age=30
Transfer-Encoding: chunked
Content-Type: text/html
Content-Encoding: gzip
ETag: "72300925"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-DNS-Prefetch-Control: off
Date: Fri, 29 Oct 2021 14:45:41 GMT
X-CDN: Imperva
X-Iinfo: 12-19108898-19108904 NNNN CT(2 14 0) RT(1635518741073 22) q(0 0 1 -1) r(3 3) U12

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://trivia.corona.mx/
Date: Fri, 29 Oct 2021 14:45:40 GMT
Content-Length: 0
X-CDN: Imperva
X-Iinfo: 14-27147650-27147651 NNNN CT(2 -1 0) RT(1635518740892 0) q(0 0 0 1) r(2 2) U11

GET
H/1.1 200
OK app.b4e321ac.css
trivia.corona.mx/css/ 56 KB
14 KB 202ms
201ms Stylesheet
text/css 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/css/app.b4e321ac.css

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2f834ff34a0db23a30ea44521c6e7f35f9c7d08d722676491f3cca26afba023d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: same-origin
X-CDN: Imperva
Date: Fri, 29 Oct 2021 14:45:41 GMT
Vary: Accept-Encoding
Content-Type: text/css
X-Iinfo: 12-19108898-19071862 2NNN RT(1635518741073 275) q(0 0 0 -1) r(2 2) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
ETag: "72300925"

GET
H/1.1 200
OK app.1cae9b61.js Show response
trivia.corona.mx/js/ 72 KB
25 KB 241ms
211ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/js/app.1cae9b61.js

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5e4336b9b5499a0e67e91b4f5906a6cebc40b0dff6c0f78b91e0fb30d1c04d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: same-origin
X-CDN: Imperva
Date: Fri, 29 Oct 2021 14:45:40 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
X-Iinfo: 13-23100160-23092700 2NNN RT(1635518741362 16) q(0 0 0 -1) r(2 2) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
ETag: "72300925"

GET
H/1.1 200
OK chunk-vendors.81dd2a0e.js Show response
trivia.corona.mx/js/ 225 KB
99 KB 100ms
70ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/js/chunk-vendors.81dd2a0e.js

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

59427c3a73a99202fed04d0518feac7b4662d58843f25911a5b997698a337b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: same-origin
X-CDN: Imperva
Date: Fri, 29 Oct 2021 14:45:41 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
X-Iinfo: 13-23100159-23072130 2NNN RT(1635518741362 18) q(0 0 0 -1) r(1 1) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
ETag: "72300925"

GET
H/1.1 200
OK _Incapsula_Resource Show response
trivia.corona.mx/ 140 KB
20 KB 55ms
23ms Script
application/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://trivia.corona.mx/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1305211373
Requested by: Host: trivia.corona.mx
URL: https://trivia.corona.mx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.34.211 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d5bfece4bb18cac1f35bf594a9feac345295142f3d3de0acb87341cc77325a7a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 20042
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
79 KB 108ms
56ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62aac9f7c4362d8ee08c673ba27c764606d124a1f058602c930551029c673c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80605
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 14:45:41 GMT

GET
H/1.1 200
OK about.93ae1601.js
trivia.corona.mx/js/ 0
989 B 259ms
226ms Other
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/js/about.93ae1601.js

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: same-origin
X-CDN: Imperva
Date: Fri, 29 Oct 2021 14:45:41 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
X-Iinfo: 8-4652967-4652252 2NNN RT(1635518741363 19) q(0 0 0 -1) r(2 2) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
ETag: "72300925"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6NVP6SM5D6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ed148332e9c39425e8850cb37c23d08973b87882594682fb6daa2988895e766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49668
x-xss-protection: 0
expires: Fri, 29 Oct 2021 14:45:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2675
date: Fri, 29 Oct 2021 14:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 29 Oct 2021 16:01:06 GMT

GET
H2 200 hotjar-2152277.js Show response
static.hotjar.com/c/ 4 KB
2 KB 105ms
65ms Script
application/javascript 13.227.220.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2152277.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.61 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-61.ams54.r.cloudfront.net

Software

Resource Hash

b6bc051452fb86da395f36d6c3ff1806dbbd72577942d1a3356f01281c5aa54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS54-C1
etag: W/86037f8af945c7f1facf86633258c102
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1886
via: 1.1 38f6d324a75dff585b0ce25920fd4bda.cloudfront.net (CloudFront)
x-amz-cf-id: 4tY1u0HpRHOtGNV1ipwuFrABeu9fvk4TYN6o3OM56kG4iUW3zzCE_Q==

GET
H2 200 webcore-ot-sdk.min.js Show response
onetrust.azureedge.net/onetrust/ 0
384 B 227ms
114ms Script
text/html 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onetrust.azureedge.net/onetrust/webcore-ot-sdk.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
last-modified: Tue, 02 Feb 2021 20:41:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8f3438d7a3f9d61:0"
content-type: text/html
cache-control: max-age=60
accept-ranges: bytes
content-length: 0

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 28 KB
9 KB 67ms
21ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 , Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

394653b172e1eb8c527dba3151a9d40522d67cd0ce88f8a7097b4c3347e7080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: p0hrqpXMeSI=
x-77-cache: HIT
x-cache: HIT
x-age: 481
x-77-nzt: Abk73BDqkTzv4QEAAA==
x-accel-expires: @1635518860
last-modified: Tue, 26 Oct 2021 15:25:45 GMT
server: CDN77-Turbo
etag: W/"61781df9-6f29"
strict-transport-security: max-age=31536000, max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: QeohfxgSt17zE6E30+V4THB5h/sOkvQRuD8aebXLxP10xJVEOkm2Gb1m9+9STc/RmG0yBakhTWI+mozRVPHjhQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 29 Oct 2021 14:45:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 woe7tyg1e.js Show response
cdn.krxd.net/controltag/ 20 KB
6 KB 154ms
105ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/woe7tyg1e.js
Requested by: Host: trivia.corona.mx
URL: https://trivia.corona.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0fa19f56f34196b65d0fe67a08dde10e9ebaa2561b774bb4e3148eba3483d437

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 29 Oct 2021 14:45:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS, MISS
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 5477
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5159-BWI, cache-ams21041-AMS
x-response-time: 1
x-do-esi: esi
x-timer: S1635518742.612857,VS0,VE90
etag: "7e13e4f3ffe77f8c32afe20038a4920d50c21efc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 css2
fonts.googleapis.com/ 744 B
1 KB 81ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08ba82bbd1bdeb2ecabd09b85c5e100cc140e697a053c18bdd86828b34399faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:37:32 GMT
server: ESF
date: Fri, 29 Oct 2021 14:45:41 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 14:45:41 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
347 B 81ms
28ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6NVP6SM5D6&gtm=2oear0&_p=1532444170&sr=1600x1200&_gaz=1&ul=en-us&cid=142271711.1635518742&_s=1&dl=https%3A%2F%2Ftrivia.corona.mx%2F&dt=Participa%20por%20un%20cooler%20de%20Corona%20%7C%20Cerveza%20Corona&sid=1635518741&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NVP6SM5D6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 14:45:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trivia.corona.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 75ms
25ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6NVP6SM5D6&cid=142271711.1635518742&gtm=2oear0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NVP6SM5D6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 14:45:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trivia.corona.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 96ms
45ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6NVP6SM5D6&cid=142271711.1635518742&gtm=2oear0&aip=1&z=841815490

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 14:45:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 39ms
24ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-158126615-39&cid=142271711.1635518742&jid=2070367808&gjid=2069313491&_gid=1744594108.1635518742&_u=YCDAgEABAAAAAE~&z=1820867801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Oct 2021 14:45:41 GMT
content-type: text/plain
access-control-allow-origin: https://trivia.corona.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 21ms
21ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1532444170&t=pageview&_s=1&dl=https%3A%2F%2Ftrivia.corona.mx%2F&ul=en-us&de=UTF-8&dt=Participa%20por%20un%20cooler%20de%20Corona%20%7C%20Cerveza%20Corona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=2070367808&gjid=2069313491&cid=142271711.1635518742&tid=UA-158126615-39&_gid=1744594108.1635518742&gtm=2wgar0P3PS2G6&z=2113410008

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 13:26:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4732
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1712142902403242 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1712142902403242?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

655af8466afc77bc277a60ddaaa71412de519148dc103e5feab5e83f3f10615d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: OqIu2Gg698JkXaPTLj09rCmx/CE3AHVyzRNg4ZB95OSqgWF1rQBm2PyGnmwYzqiE2yksIgS1cMJy5nyrnOEeWQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 29 Oct 2021 14:45:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 55ms
20ms Script
application/javascript 13.227.220.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2152277.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.29 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-29.ams54.r.cloudfront.net

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59861
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 10:40:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gj63OfozYI7XRzQsYrzFGghyAmCPTR8CWlxR5VGz6f2Wzz6ZqAQfcQ==

GET
H/1.1 200
OK logo.02413110.svg
trivia.corona.mx/img/ 12 KB
5 KB 216ms
215ms Image
image/svg+xml 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trivia.corona.mx/img/logo.02413110.svg

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/age-gate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

890faf5c6a66e8f3ce44ac57a7575498865b99d5a6de3f9b34372d2e66f57a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/age-gate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
X-DNS-Prefetch-Control: off
Content-Type: image/svg+xml
X-Iinfo: 8-4652967-4652982 NNYN CT(2 15 0) RT(1635518741363 319) q(0 0 1 -1) r(2 2) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK age-gate-bg-desk.7d31e4f8.jpg
trivia.corona.mx/img/ 207 KB
207 KB 39ms
39ms Image
image/jpeg 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trivia.corona.mx/img/age-gate-bg-desk.7d31e4f8.jpg

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2b397001e5e20ae37177f1bc2c1cc4264f073ad6e73a7990dd07438cd890faa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/css/app.b4e321ac.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
Transfer-Encoding: chunked
Content-Type: image/jpeg
X-Iinfo: 13-23100160-23092700 2NNN RT(1635518741362 315) q(0 0 0 -1) r(1 1) U18
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:40 GMT
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK helveticaneue-condensed_bold-font.09eb9b78.woff2
trivia.corona.mx/fonts/ 19 KB
19 KB 29ms
29ms Font
font/woff2 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/fonts/helveticaneue-condensed_bold-font.09eb9b78.woff2

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

796de3160e42300058f3c1173318578ba291ac2280f7d90258719ca8c58605fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trivia.corona.mx/css/app.b4e321ac.css
Origin: https://trivia.corona.mx
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
X-DNS-Prefetch-Control: off
Content-Type: font/woff2
X-Iinfo: 12-19108898-19108904 SNNN RT(1635518741073 604) q(0 0 0 -1) r(0 0) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
Content-Length: 18976
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK corona-brillas.7a431f61.ttf
trivia.corona.mx/fonts/ 5 KB
5 KB 206ms
206ms Font
font/ttf 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/fonts/corona-brillas.7a431f61.ttf

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ccd58b8fcf67cc42e74bc33893e02d287f3eae0b645ccc5b28ccd6d4ae91ad26

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trivia.corona.mx/css/app.b4e321ac.css
Origin: https://trivia.corona.mx
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
Transfer-Encoding: chunked
Content-Type: font/ttf
X-Iinfo: 13-23100159-23100232 NNNN CT(3 13 0) RT(1635518741362 317) q(0 0 0 -1) r(2 2) U18
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK helveticaneue-mediumcond-font.20e0cdc2.woff2
trivia.corona.mx/fonts/ 19 KB
19 KB 41ms
40ms Font
font/woff2 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/fonts/helveticaneue-mediumcond-font.20e0cdc2.woff2

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3aa46191c1457b179175c92ffcf42c21b1a87b6a8361174dcbb5f8364a46ecc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trivia.corona.mx/css/app.b4e321ac.css
Origin: https://trivia.corona.mx
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
Transfer-Encoding: chunked
Content-Type: font/woff2
X-Iinfo: 5-8487728-8487751 NNNN CT(2 8 0) RT(1635518741363 315) q(0 0 0 -1) r(1 1) U18
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK helveticaneue-light-font.45dc16e4.woff2
trivia.corona.mx/fonts/ 19 KB
19 KB 59ms
29ms Font
font/woff2 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/fonts/helveticaneue-light-font.45dc16e4.woff2

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

433ca6438dc25db0b8ebcd860c553afd59697aea1320e9a995a8b08107a42802

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trivia.corona.mx/css/app.b4e321ac.css
Origin: https://trivia.corona.mx
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
X-DNS-Prefetch-Control: off
Content-Type: font/woff2
X-Iinfo: 12-19109023-19108904 PNNN RT(1635518741692 16) q(0 0 0 -1) r(0 0) U18
X-XSS-Protection: 1; mode=block
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
Content-Length: 19108
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK helvetica-47-light-condensed-font.e5dbe4e7.woff2
trivia.corona.mx/fonts/ 18 KB
18 KB 203ms
168ms Font
font/woff2 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://trivia.corona.mx/fonts/helvetica-47-light-condensed-font.e5dbe4e7.woff2

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/css/app.b4e321ac.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2e0bb280ba3c8ab6df25eee29daa421da74aba5f8a3415f847110bb0bf733891

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trivia.corona.mx/css/app.b4e321ac.css
Origin: https://trivia.corona.mx
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Referrer-Policy: same-origin
X-CDN: Imperva
ETag: "72300925"
Transfer-Encoding: chunked
Content-Type: font/woff2
X-Iinfo: 12-19108898-19109031 NNNN CT(2 14 0) RT(1635518741073 640) q(0 0 0 -1) r(1 1) U18
Cache-Control: must-revalidate, max-age=30
Date: Fri, 29 Oct 2021 14:45:41 GMT
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 99ms
46ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-158126615-39&cid=142271711.1635518742&jid=2070367808&_u=YCDAgEABAAAAAE~&z=718904442

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/age-gate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 14:45:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-158126615-39&cid=142271711.1635518742&jid=2070367808&_u=YCDAgEABAAAAAE~&z=718904442

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/age-gate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 14:45:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _Incapsula_Resource
trivia.corona.mx/ 1 B
123 B 15ms
15ms Image
text/plain 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trivia.corona.mx/_Incapsula_Resource?SWKMTFSR=1&e=0.1681219015872517
Requested by: Host: trivia.corona.mx
URL: https://trivia.corona.mx/age-gate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.34.211 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://trivia.corona.mx/age-gate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/ 5 KB
2 KB 251ms
185ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9054eb8c22729134bfa5c6ed526e18816f0ef0abeab5c84edd8a7169c6d1dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: vtfESBp66hEtCzNLWCD/XQ==
vary: Accept-Encoding
content-length: 1760
x-ms-lease-status: unlocked
last-modified: Fri, 10 Sep 2021 23:02:17 GMT
server: cloudflare
etag: 0x8D974AF099C5B78
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2b0bdebd-a01e-0176-0bd3-cc1a0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d30688a773761-MXP
expires: Fri, 29 Oct 2021 18:45:42 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 15ms
15ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/woe7tyg1e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: gzip
age: 7612069
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1963764
content-length: 84509
x-served-by: cache-ams21041-AMS
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1635518742.779360,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 01CE 2 KB
1 KB 53ms
14ms Document
text/html 13.227.220.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2152277.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.220.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-220-6.ams54.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: kwBfESDQ_GTAYJXILriSjrW3cHnO4EqJuFZG1efD0aMNW2aKbmAxkg==
age: 804636

GET
H2 200 /
www.facebook.com/tr/ 44 B
427 B 68ms
23ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1712142902403242&ev=PageView&dl=https%3A%2F%2Ftrivia.corona.mx%2Fage-gate&rl=&if=false&ts=1635518741821&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635518741821.1503394972&it=1635518741661&coo=false&exp=p1&rqm=GET

Requested by

Host: trivia.corona.mx
URL: https://trivia.corona.mx/age-gate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 29 Oct 2021 14:45:41 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 7322 805 B
842 B 15ms
14ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 Oct 2021 14:45:41 GMT
via: 1.1 varnish
age: 12369221
x-served-by: cache-ams21041-AMS
x-cache: HIT
x-cache-hits: 559879
x-timer: S1635518742.878273,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2152277/ 146 B
323 B 106ms
36ms XHR
application/json 99.80.125.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2152277/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-125-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 woe7tyg1e.js Show response
cdn.krxd.net/controltag/ Frame 7322 20 KB
6 KB 15ms
15ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/woe7tyg1e.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0fa19f56f34196b65d0fe67a08dde10e9ebaa2561b774bb4e3148eba3483d437

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 29 Oct 2021 14:45:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 5477
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5159-BWI, cache-ams21041-AMS
x-response-time: 1
x-do-esi: esi
x-timer: S1635518742.902864,VS0,VE0
etag: "7e13e4f3ffe77f8c32afe20038a4920d50c21efc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 7322 259 KB
83 KB 16ms
16ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/woe7tyg1e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 29 Oct 2021 14:45:41 GMT
content-encoding: gzip
age: 7612069
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1963765
content-length: 84509
x-served-by: cache-ams21041-AMS
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1635518742.920033,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 8d253cfb-b007-48a9-9e88-40026a95abd2 Show response
consumer.krxd.net/consent/get/ 234 B
428 B 48ms
15ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/8d253cfb-b007-48a9-9e88-40026a95abd2?idt=device&dt=kxcookie&callback=Krux.ns.abimaz.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bd288db9e2f83f7d5d3a67ded340af0cf6e246809394c983b92103e597d39dc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:41 GMT
via: 1.1 varnish
age: 627
x-served-by: consumer-a009-dub-prod.krxd.net, cache-ams21024-AMS
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1635518742.957782,VS0,VE0
content-length: 189
x-cache-hits: 0, 1

GET
H2 200 8d253cfb-b007-48a9-9e88-40026a95abd2 Show response
consumer.krxd.net/consent/get/ Frame 7322 219 B
322 B 43ms
42ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/8d253cfb-b007-48a9-9e88-40026a95abd2?idt=device&dt=kxcookie&callback=Krux.ns.abimaz.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 950a479bf003bbb4e0f625bcfd24f3c5c003c88549b00765f15d696a921fee80

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:42 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a003-dub-prod.krxd.net, cache-ams21024-AMS
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1635518742.981918,VS0,VE28
content-length: 181
x-cache-hits: 0, 0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 39ms
39ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PS2G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 916820
vary: Accept-Encoding
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:41 GMT
server: cloudflare
etag: 0x8D98ED3103C1468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75937fa8-e01e-0075-326c-c45f5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d3069bd163761-MXP
expires: Sat, 06 Nov 2021 14:45:42 GMT

GET
H2 200 4cb01c89-9cf4-4054-a08b-af15e399ffda.json Show response
cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/ 3 KB
2 KB 153ms
85ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/4cb01c89-9cf4-4054-a08b-af15e399ffda.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf84206330a0af671f564fe5b2834e83c8213905e332a25d6c9f6ee68358e82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: +MtureWe7uWm6t6hdzxkoQ==
vary: Accept-Encoding
content-length: 1249
x-ms-lease-status: unlocked
last-modified: Fri, 10 Sep 2021 23:02:17 GMT
server: cloudflare
etag: 0x8D974AF09801BC3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 730bd05e-a01e-009c-4fd3-cca35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d306a6effe8f7-MXP
expires: Fri, 29 Oct 2021 18:45:42 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
239 B 99ms
30ms Script
text/javascript 52.17.176.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.abimaz.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.176.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf183933467ff43e06a2420c350bbda5da165be6c73d88e3e9d73f6749ba23c8

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:42 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=21 t=1635518742
x-served-by: beacon-n006-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 40ms
39ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 923855
vary: Accept-Encoding
content-length: 69711
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cd51f405-401e-0155-726c-c475c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d306aff733761-MXP
expires: Sat, 06 Nov 2021 14:45:42 GMT

GET
H2 200 es.json Show response
cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/0d24cda6-c88f-4f5d-a74f-3b1ce38596d1/ 31 KB
9 KB 74ms
74ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4cb01c89-9cf4-4054-a08b-af15e399ffda/0d24cda6-c88f-4f5d-a74f-3b1ce38596d1/es.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fcf0f73829d7d651743c45c212051f633aa8ad01fd9f80f70531be5343c182b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: AOHuei/fRYCmyJTPeWAX9Q==
vary: Accept-Encoding
content-length: 9298
x-ms-lease-status: unlocked
last-modified: Fri, 10 Sep 2021 23:02:18 GMT
server: cloudflare
etag: 0x8D974AF09C6A77B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 30ba69ae-b01e-0104-3cd3-cc6b31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d306b78cbe8f7-MXP
expires: Fri, 29 Oct 2021 18:45:42 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
3 KB 180ms
180ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: NgHQTHCGWwGmNE0ie37G8A==
vary: Accept-Encoding
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f106626b-b01e-0162-1ed3-ccd96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d306c09bae8f7-MXP
expires: Sat, 06 Nov 2021 14:45:42 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/ 42 KB
11 KB 176ms
176ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319014ec1f2fed36df3bea88fb0858755417146541880ea972d7f09f2c02c1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 29 Oct 2021 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: upoPZAz/T1nlJaBExjIC+A==
vary: Accept-Encoding
content-length: 10813
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:18 GMT
server: cloudflare
etag: 0x8D84A3B568F6C60
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0de50973-801e-012e-32d3-cc1e74000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a5d306c09bbe8f7-MXP
expires: Sat, 06 Nov 2021 14:45:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 22ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1712142902403242&ev=Microdata&dl=https%3A%2F%2Ftrivia.corona.mx%2Fage-gate&rl=&if=false&ts=1635518743324&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ganate%20la%20sudadera%20con%20m%C3%A1s%20brillo%20con%20esta%20trivia%20%7C%20Cerveza%20Corona%22%2C%22meta%3Adescription%22%3A%22Reg%C3%ADstrate%20con%20Cerveza%20Corona%20y%20participa%20de%20una%20trivia%20contrarreloj%2C%20podr%C3%A1s%20ganarte%20la%20sudadera%20con%20m%C3%A1s%20brillo%20%20%C2%A1Entra%20aqu%C3%AD%20y%20ent%C3%A9rate%20c%C3%B3mo%20participar!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1635518741821.1503394972&it=1635518741661&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:45:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 29 Oct 2021 14:45:43 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corona.mx/	1970-01-20 07:03:56	Name: visid_incap_2671869 Value: xzl9Gei4Q6+dpPqnTPV//BQJfGEAAAAAQUIPAAAAAAAuK1dt+tHx66CTTB3aCuba
.corona.mx/	1969-12-31 23:59:59	Name: nlbi_2671869 Value: FcgGXKwF4EdAhmj2bIjzbQAAAAD0Lpc1kdbIHK7LtRe5FIfI
.corona.mx/	1969-12-31 23:59:59	Name: incap_ses_768_2671869 Value: gUSaYKn1NQF50fLAYnyoChUJfGEAAAAAKnVSk/o3LQl02ZyPR+4XBw==
.corona.mx/	1970-01-20 00:28:14	Name: _gcl_au Value: 1.1.1803987340.1635518742
trivia.corona.mx/	1969-12-31 23:59:59	Name: km_vs Value: 1
trivia.corona.mx/	1969-12-31 23:59:59	Name: sp_t Value: 1
trivia.corona.mx/	1969-12-31 23:59:59	Name: ki_t Value: 1
.corona.mx/	1970-01-20 15:49:50	Name: _ga Value: GA1.2.142271711.1635518742
.corona.mx/	1970-01-19 22:20:05	Name: _gid Value: GA1.2.1744594108.1635518742
.corona.mx/	1970-01-19 22:18:38	Name: _dc_gtm_UA-158126615-39 Value: 1
trivia.corona.mx/	1970-01-19 22:18:38	Name: ___utmvc Value: 6/j4fm4z8eGAfvxhFGJ5m8bXmrYBlQSM3q+zN1I4Ogh4lK2pTUjg2iW/dre75nJW5CfGmeBnieiV3GgKSs2sBnXYOr5cn2F99oQRBW+w4qLR4YK8A6B3SN2Us3uJHqukjnO9l3XdUEuJY4Nzn+HzskA2/Z6Qi5ve/6WMKOcpR0ZxpZtMo/B33qNv1W8gui9cyhdna9rrpWATKhsuMuyPqBlQJUXJY5BXywjE1nkdjns7RCggXXQ/exxz8Dz7NHaE6cK2KSnyuIi7rSzRNaBtTNQgwq96cJnge9TX43mPqazP+oHF52AgbxrGBJV/Ma5Y+UG7rJq1e+KEGDrCLi+nGRMvJDE5U7L8GnZJvPrpQbWmj1BMHP74d/bnTY3yt1w3u9N/BflajU6IfVuSvRnZBSg8fiipBUKqch110mwWAwNNNtMCm4PtuujDVI9e5fMAVtVwQq+6SywVHsF9Ic85xIW80/WS8n0xZigzR6iWhRB86Q6gIBS2CNhY8KbhXFcKa95J0mBz/Uh62+l4CCm/Mu0pI2/Rs2qc/kMDz4tj3vDLR6tE64DoTGwpf0+xiDXziHh3dOgvrwjqKYgc0Ni5HPh9Kj08dx2VUPhIfnpF5by30Gnm3acIbDbDDfLDjhLwgsiS5pjs+/F2b9MCY2uWAlHh+gb0ZZboQH4Vh0p6gBzuc4PsgH3q2S/qUYeDM9Pb26hNxS4lsDVDqyjIopF3qskNHZfWf36i4zZkj8dzuaLYcXbhpcD/g/sDFAL2dJje1elV97KfXLtj27MGl+sUce7zhgYwFunXhWJeCS3aTNTg01dZmhjbVUs2Ckoq5IAcjO9PcI7VVTOaXYHKeK/3+UqKKOuBy9El6f12IPG6nvGjBIX9mKwc8F8+ibT+q2QI2vREEm50WMZj5hmQucHaF/zQuMIy13G8U/jrrJK+0TGNPnZfp+aSfzUemmlXLYFkJXKCuIntFBGODYZR4B9R2WgxN4v02n2W7VAOeG94agGarLt6SRWrd8WDBs5Vv7M0D2/a5TzkzzWAyiBwUgmOPfVwcXIO0FNr9nD3gCCNuPDbF+Do+PMVhcc6BDAabNTgCR/Jc9lQyEFqqLgl+a16aNWVO2bXrWWTSXA1zH4h1Ha9alMWE1VgsxgSOUfFlOhk/iBXG4ENL7EOeoKeh6tCuahzF6NvhpCCkTKCgtG6Un3CjBgNWFOvWyqjm6XkJSOmNuLNOg4HIZvvQk16yrdWh0ymReFETnGeOXU5ngNH/fREjAtXCtLZY6hQYHda9jYkM5vLNLuZVVx4c1AvhZZUieE0R1PBJ8r7FK8FCtKV+pQuItaPd0JIh/eeNL8b9mrNIAYt9J7SvbxL5PYBNdiNaGAoGggUvW2C/TuuAOFU8ow7YtHVGDT3d/AITNaTpj3+zRXYhWhKYw3n42LWPmETeb5HLGprNnMUv0tLNTXAgu7ZZj/xPgni1ow+e+Z5bWrMvVdndbepxl4Cku0t7TzDo1zlJGDjGIHzlu7qgbglEFbr7mjhTQ7dBzyZ+xy9jSl9rlfub+7Vv6/61wuPMQtGN/MktrXGsAwpbK88oNGpxooNUH0ST3YinwYUghcNEiSlsKz4GEC/DRJd3jL4WCjZYBqPccskwWivf2pAg9HZZ8HQTZGH4ny/p51TCZsIIBH0y9qfHugpXDx73O0i8Sq5pRtQGD/rqkmI2ZJ+hgV1N3hEqfyqFUY9jVH5MfPckQoz3//LC1t0wb4RYK3JeRqd27eoT3mwON9mOPwHLt7L9zUa6OkJ9pBISBSd1++xNWgnxxQc2vHSRPef5F5/k/1BE7+4b3s08R0f0lh+bMHBFH50mDG+Ov4qAqx+BQ7qCqUGHIgUoBUcdTGZK7fs/MotPw22bKl7CCx5MMZd9kTqcomQ3fGkF5CbJgSg8RmoFaI0O1s4R5bWd13gfbs4yOIzDBLYoOA6gG+Swg8zbDhluO5Md8ajdsGUH5P+jWoIlDJRpFg1uHyb4wzrZViBvovYZXIxKHq+wJMR89xhPyM4uULKUWLNZ5+Dr+dYgu5idXhKtywBurVOsMuEvpGLwHW7QH/Is+29nVDOIPEU6vCteq3x2/FG0kjEQwHqCG0pfFym+gbnRD9x9vGyhbayknFPtBuU0An3sTktGYvCF/ESsL61CZMfQ24W/zR0gUx4NV5NYFrfHwoLyspcI6FiwJPwErs1+ozS1KoGv6KqZz3okpun4OuHNTn8trrFbyg5nuv6rH8sndRvpxt6CrGQxEa5J5mlS3RQa0q9aCBVYUDi025ZtMsS/g0lGAJcuRNzMEveiKCRUxEIIRRC2z2Jguhxusn7ev+XI/A/k0LUBWfrJ5T9xEFxFyjv5DTIn37y2kCCeYvgD9vwW9qdCc3GVmhcdJOfhcSCLWXb4MjVdcrkpgJd6XST8PQ5NYXfOgXitl+Z+AsABxu4SRgVCQKx2oqwvcajNTobTDTT1yDYSd8NFhogrqTXLgWGKh0XGe9yNTc0xdA1+w0Wp2MIJrTHwHJd5qMB2c2oYw+LSOnU5wG76QtqpEn9cAvs1XRu+b3hC6B1ZLGu+Sb3UWL1SD9hEDXBMbv7lNwQ2Fkb8XTWXN+7Yvan9G6pNU/53wdz1fpjU3GznzVrIkQ56ftRLCTVV2OcLJZRx8Ts3apYt0ZjxnkWT4MVPz6O0RyO7EmCp8XkfwVMJU3XPQnSajC5LGRpZ2VzdD0xODQxNDAscz1hMTlkOWE3MjdmNzI4NjY3Njg4NDg5OTVhNTdlYTQ3ZThjODE4Njg3YWU5OTliOTk3ZjZiYWI3Zjg2NWI2MTgwN2E2YTdmNjc3YmFmNzE2ZQ==
.corona.mx/	1970-01-20 07:04:14	Name: _hjid Value: 4bb42869-f9db-49a2-86e9-bccf6028e229
.corona.mx/	1970-01-19 22:18:40	Name: _hjFirstSeen Value: 1
.corona.mx/	1970-01-20 00:28:14	Name: _fbp Value: fb.1.1635518741821.1503394972
trivia.corona.mx/	1970-01-19 22:18:38	Name: _hjIncludedInPageviewSample Value: 1
.corona.mx/	1970-01-19 22:18:40	Name: _hjAbsoluteSessionInProgress Value: 0
.facebook.com/	1970-01-20 00:28:14	Name: fr Value: 0SLqsF9kJxKuPKcOE..BhfAkV...1.0.BhfAkV.
.krxd.net/	1970-01-20 02:37:50	Name: _kuid_ Value: OczS4uWi
.corona.mx/	1970-01-20 15:49:50	Name: _ga_6NVP6SM5D6 Value: GS1.1.1635518741.1.1.1635518742.59

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
beacon.krxd.net
cdn.cookielaw.org
cdn.krxd.net
connect.facebook.net
consumer.krxd.net
fonts.googleapis.com
in.hotjar.com
onetrust.azureedge.net
rec.smartlook.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
trivia.corona.mx
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
13.227.220.29
13.227.220.6
13.227.220.61
151.101.194.133
151.101.66.133
2606:4700::6810:9540
2a00:1450:4001:800::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::200e
2a00:1450:400c:c06::9d
2a02:26f0:64::210:6bb9
2a02:6ea0:c700::10
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
45.60.34.211
52.17.176.161
99.80.125.216
08ba82bbd1bdeb2ecabd09b85c5e100cc140e697a053c18bdd86828b34399faf
0fa19f56f34196b65d0fe67a08dde10e9ebaa2561b774bb4e3148eba3483d437
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
2b397001e5e20ae37177f1bc2c1cc4264f073ad6e73a7990dd07438cd890faa9
2e0bb280ba3c8ab6df25eee29daa421da74aba5f8a3415f847110bb0bf733891
2f834ff34a0db23a30ea44521c6e7f35f9c7d08d722676491f3cca26afba023d
319014ec1f2fed36df3bea88fb0858755417146541880ea972d7f09f2c02c1d9
394653b172e1eb8c527dba3151a9d40522d67cd0ce88f8a7097b4c3347e7080e
3aa46191c1457b179175c92ffcf42c21b1a87b6a8361174dcbb5f8364a46ecc1
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3bd288db9e2f83f7d5d3a67ded340af0cf6e246809394c983b92103e597d39dc
433ca6438dc25db0b8ebcd860c553afd59697aea1320e9a995a8b08107a42802
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59427c3a73a99202fed04d0518feac7b4662d58843f25911a5b997698a337b32
5e4336b9b5499a0e67e91b4f5906a6cebc40b0dff6c0f78b91e0fb30d1c04d96
62aac9f7c4362d8ee08c673ba27c764606d124a1f058602c930551029c673c20
655af8466afc77bc277a60ddaaa71412de519148dc103e5feab5e83f3f10615d
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
796de3160e42300058f3c1173318578ba291ac2280f7d90258719ca8c58605fc
7fcf0f73829d7d651743c45c212051f633aa8ad01fd9f80f70531be5343c182b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
890faf5c6a66e8f3ce44ac57a7575498865b99d5a6de3f9b34372d2e66f57a4d
950a479bf003bbb4e0f625bcfd24f3c5c003c88549b00765f15d696a921fee80
9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc
9ed148332e9c39425e8850cb37c23d08973b87882594682fb6daa2988895e766
a15649a254fed8c04fcc33fb4610260d934758fb06d9ff086b94def9a8a7be2a
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b6bc051452fb86da395f36d6c3ff1806dbbd72577942d1a3356f01281c5aa54c
bf183933467ff43e06a2420c350bbda5da165be6c73d88e3e9d73f6749ba23c8
ccd58b8fcf67cc42e74bc33893e02d287f3eae0b645ccc5b28ccd6d4ae91ad26
cf84206330a0af671f564fe5b2834e83c8213905e332a25d6c9f6ee68358e82c
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d5bfece4bb18cac1f35bf594a9feac345295142f3d3de0acb87341cc77325a7a
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9054eb8c22729134bfa5c6ed526e18816f0ef0abeab5c84edd8a7169c6d1dd3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

trivia.corona.mx Open in urlscan Pro 45.60.34.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

50 Requests

100 %HTTPS

60 %IPv6

14 Domains

20 Subdomains

20 IPs

5 Countries

1072 kBTransfer

2845 kBSize

19 Cookies

11 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trivia.corona.mx Open in urlscan Pro
45.60.34.211 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

1072 kB
Transfer

2845 kB
Size

19
Cookies

50 HTTP transactions
0 data transactions